Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Multiple malware infections on a relative's computer


  • This topic is locked This topic is locked
20 replies to this topic

#1 RushSonic

RushSonic

  • Members
  • 67 posts
  • OFFLINE
  •  
  • Local time:03:33 AM

Posted 08 October 2014 - 08:42 PM

Hello.

My grandfather has a Toshiba Satellite C655 computer running Windows 7 Home Premium. Unfortunately, he is infected with multiple spywares which have the following issues whenever he opens Internet Explorer or Google Chrome:

Hijacked home pages (Chrome and IE)

Slowdown when loading pages

Tons of intrusive ads

Annoying ads when some keywords are hovered over

Stupid pop-up messages saying x number of issues have been found

 

I tried looking at a past forum post with a similar problem on his computer but I was not able to download any of the recommended files because the spyware would try and take over the download. Also, I couldn't run Norton Internet Security and trying any online scanner just leads to a bunch of intrusive ads popping up.

 

Here are the programs I know of:

 

RegCure

Genieo

Mighty Magoo Games Console

MightyMagoo Packages

DefaultTab

DefaultTab Chrome

DefineExt

Delta Chrome Toolbar

Delta toolbar

Free Opener

getsav-in

OffersWizard Network System Driver

SavetheChildren Reminder by We-Care.com v4.1.19.4

Search Protect

Swiki version 1.0

Swiki_IE

Web Cake 3.00

Webexp Enhanced

WhiteSmoke New Toolbar

WildTangent Games (That came with the computer but I don't want it on there)

 

Any idea of where to start? I can't download directly from the browser because all the spyware interferes with it so I would need a way to install any removers from an external drive if that is safe to do. I am worried about possibly transfering the infections to my USB drive so if there's a better way I want to hear it. Thanks in advance.


Edited by RushSonic, 08 October 2014 - 08:58 PM.


BC AdBot (Login to Remove)

 


m

#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,114 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:03:33 AM

Posted 09 October 2014 - 11:43 AM

Hello Rush Sonic

Run these and lets look at the logs.

This should help you run them.
Please download Rkill by Grinler and save it to your desktop.
  • Link 1
  • Link 2
    • Double-click on the Rkill desktop icon to run the tool.
    • If using Vista, right-click on it and Run As Administrator.
    • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
    • If not, delete the file, then download and use the one provided in Link 2.
    • If it does not work, repeat the process and attempt to use one of the remaining links until the tool runs.
    • If the tool does not run from any of the links provided, please let me know.
  • Do not reboot the computer, you will need to run the application again.
>>>>

Please download MiniToolBox, save it to your desktop and run it.
Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
  • Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.
    Note: When using "Reset FF Proxy Settings" option Firefox should be closed.



    Download TDSSKiller and save it to your desktop.
  • Extract (unzip) its contents to your desktop.
  • Open the TDSSKiller folder and doubleclick on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is require, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.
  • .
    .
    .
    ADW Cleaner

    Please download AdwCleaner by Xplode and save to your Desktop.
  • Double-click on AdwCleaner.exe to run the tool.
    Vista/Windows 7/8 users right-click and select Run As Administrator.
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • After reviewing the log, click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[S0].txt) will open automatically.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of all logfiles are saved in the C:\AdwCleaner folder which was created when running the tool.
  • -- Note: The contents of the AdwCleaner log file may be confusing. Unless you see a program name that you recognize and know should not be removed, don't worry about it. If you see an entry you want to keep, return to AdwCleaner before cleaning...all detected items will be listed (and checked) in each tab. Click on each one and uncheck any items you want to keep (except you cannot uncheck Chrome and Firefox preferences lines).


    .

    thisisujrt.gif Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
  • .
    .
    .
    .
  • Last run ESET.
  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
  • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
  • Double click on the esetsmartinstaller_enu.png icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
  • Scan potentially unwanted applications
  • Scan for potentially unsafe applications
  • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.
  • NOTE:Sometimes if ESET finds no infections it will not create a log.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#3 RushSonic

RushSonic
  • Topic Starter

  • Members
  • 67 posts
  • OFFLINE
  •  
  • Local time:03:33 AM

Posted 09 October 2014 - 09:35 PM

Rkill log

 

Rkill 2.6.8 by Lawrence Abrams (Grinler)
Copyright 2008-2014 BleepingComputer.com
More Information about Rkill can be found at this link:
 
Program started at: 10/09/2014 06:15:24 PM in x64 mode.
Windows Version: Windows 7 Home Premium Service Pack 1
 
Checking for Windows services to stop:
 
 * No malware services found to stop.
 
Checking for processes to terminate:
 
 * C:\Users\Innes\AppData\Roaming\DefaultTab\DefaultTab\DTUpdate.exe (PID: 1564) [UP-HEUR]
 * C:\windows\SysWOW64\nethtsrv.exe (PID: 1632) [WD-HEUR]
 * C:\windows\SysWOW64\netupdsrv.exe (PID: 1776) [WD-HEUR]
 
3 proccesses terminated!
 
Checking Registry for malware related settings:
 
 * ~1.exe debugger. [IFEO Debugger Deleted]
 * ~2.exe debugger. [IFEO Debugger Deleted]
 * aAvgApi.exe debugger. [IFEO Debugger Deleted]
 * AAWTray.exe debugger. [IFEO Debugger Deleted]
 * About.exe debugger. [IFEO Debugger Deleted]
 * ackwin32.exe debugger. [IFEO Debugger Deleted]
 * adaware.exe debugger. [IFEO Debugger Deleted]
 * Ad-Aware.exe debugger. [IFEO Debugger Deleted]
 * advxdwin.exe debugger. [IFEO Debugger Deleted]
 * AdwarePrj.exe debugger. [IFEO Debugger Deleted]
 * a.exe debugger. [IFEO Debugger Deleted]
 * agent.exe debugger. [IFEO Debugger Deleted]
 * agentsvr.exe debugger. [IFEO Debugger Deleted]
 * agentw.exe debugger. [IFEO Debugger Deleted]
 * alertsvc.exe debugger. [IFEO Debugger Deleted]
 * alevir.exe debugger. [IFEO Debugger Deleted]
 * alogserv.exe debugger. [IFEO Debugger Deleted]
 * AlphaAV debugger. [IFEO Debugger Deleted]
 * AlphaAV.exe debugger. [IFEO Debugger Deleted]
 * AluSchedulerSvc.exe debugger. [IFEO Debugger Deleted]
 * amon9x.exe debugger. [IFEO Debugger Deleted]
 * AntispywarXP2009.exe debugger. [IFEO Debugger Deleted]
 * anti-trojan.exe debugger. [IFEO Debugger Deleted]
 * antivirus.exe debugger. [IFEO Debugger Deleted]
 * AntivirusPlus debugger. [IFEO Debugger Deleted]
 * AntivirusPlus.exe debugger. [IFEO Debugger Deleted]
 * AntivirusPro_2010.exe debugger. [IFEO Debugger Deleted]
 * AntiVirus_Pro.exe debugger. [IFEO Debugger Deleted]
 * Anti-Virus Professional.exe debugger. [IFEO Debugger Deleted]
 * AntivirusXP debugger. [IFEO Debugger Deleted]
 * AntivirusXP.exe debugger. [IFEO Debugger Deleted]
 * antivirusxppro2009.exe debugger. [IFEO Debugger Deleted]
 * ants.exe debugger. [IFEO Debugger Deleted]
 * apimonitor.exe debugger. [IFEO Debugger Deleted]
 * aplica32.exe debugger. [IFEO Debugger Deleted]
 * apvxdwin.exe debugger. [IFEO Debugger Deleted]
 * arr.exe debugger. [IFEO Debugger Deleted]
 * ashAvast.exe debugger. [IFEO Debugger Deleted]
 * ashBug.exe debugger. [IFEO Debugger Deleted]
 * ashChest.exe debugger. [IFEO Debugger Deleted]
 * ashCnsnt.exe debugger. [IFEO Debugger Deleted]
 * ashDisp.exe debugger. [IFEO Debugger Deleted]
 * ashLogV.exe debugger. [IFEO Debugger Deleted]
 * ashMaiSv.exe debugger. [IFEO Debugger Deleted]
 * ashPopWz.exe debugger. [IFEO Debugger Deleted]
 * ashQuick.exe debugger. [IFEO Debugger Deleted]
 * ashServ.exe debugger. [IFEO Debugger Deleted]
 * ashSimp2.exe debugger. [IFEO Debugger Deleted]
 * ashSimpl.exe debugger. [IFEO Debugger Deleted]
 * ashSkPcc.exe debugger. [IFEO Debugger Deleted]
 * ashSkPck.exe debugger. [IFEO Debugger Deleted]
 * ashUpd.exe debugger. [IFEO Debugger Deleted]
 * ashWebSv.exe debugger. [IFEO Debugger Deleted]
 * aswChLic.exe debugger. [IFEO Debugger Deleted]
 * aswRegSvr.exe debugger. [IFEO Debugger Deleted]
 * aswRunDll.exe debugger. [IFEO Debugger Deleted]
 * aswUpdSv.exe debugger. [IFEO Debugger Deleted]
 * atcon.exe debugger. [IFEO Debugger Deleted]
 * atguard.exe debugger. [IFEO Debugger Deleted]
 * atro55en.exe debugger. [IFEO Debugger Deleted]
 * atupdater.exe debugger. [IFEO Debugger Deleted]
 * atwatch.exe debugger. [IFEO Debugger Deleted]
 * au.exe debugger. [IFEO Debugger Deleted]
 * aupdate.exe debugger. [IFEO Debugger Deleted]
 * autodown.exe debugger. [IFEO Debugger Deleted]
 * auto-protect.nav80try.exe debugger. [IFEO Debugger Deleted]
 * autotrace.exe debugger. [IFEO Debugger Deleted]
 * autoupdate.exe debugger. [IFEO Debugger Deleted]
 * av360.exe debugger. [IFEO Debugger Deleted]
 * avadmin.exe debugger. [IFEO Debugger Deleted]
 * avastSvc.exe debugger. [IFEO Debugger Deleted]
 * avastUI.exe debugger. [IFEO Debugger Deleted]
 * AVCare.exe debugger. [IFEO Debugger Deleted]
 * avcenter.exe debugger. [IFEO Debugger Deleted]
 * avciman.exe debugger. [IFEO Debugger Deleted]
 * avconfig.exe debugger. [IFEO Debugger Deleted]
 * avconsol.exe debugger. [IFEO Debugger Deleted]
 * ave32.exe debugger. [IFEO Debugger Deleted]
 * AVENGINE.exe debugger. [IFEO Debugger Deleted]
 * avgcc32.exe debugger. [IFEO Debugger Deleted]
 * avgchk.exe debugger. [IFEO Debugger Deleted]
 * avgcmgr.exe debugger. [IFEO Debugger Deleted]
 * avgcsrvx.exe debugger. [IFEO Debugger Deleted]
 * avgctrl.exe debugger. [IFEO Debugger Deleted]
 * avgdumpx.exe debugger. [IFEO Debugger Deleted]
 * avgemc.exe debugger. [IFEO Debugger Deleted]
 * avgiproxy.exe debugger. [IFEO Debugger Deleted]
 * avgnsx.exe debugger. [IFEO Debugger Deleted]
 * avgnt.exe debugger. [IFEO Debugger Deleted]
 * avgrsx.exe debugger. [IFEO Debugger Deleted]
 * avgscanx.exe debugger. [IFEO Debugger Deleted]
 * avgserv9.exe debugger. [IFEO Debugger Deleted]
 * avgserv.exe debugger. [IFEO Debugger Deleted]
 * avgsrmax.exe debugger. [IFEO Debugger Deleted]
 * avgtray.exe debugger. [IFEO Debugger Deleted]
 * avguard.exe debugger. [IFEO Debugger Deleted]
 * avgui.exe debugger. [IFEO Debugger Deleted]
 * avgupd.exe debugger. [IFEO Debugger Deleted]
 * avgwdsvc.exe debugger. [IFEO Debugger Deleted]
 * avgw.exe debugger. [IFEO Debugger Deleted]
 * avkpop.exe debugger. [IFEO Debugger Deleted]
 * avkserv.exe debugger. [IFEO Debugger Deleted]
 * avkservice.exe debugger. [IFEO Debugger Deleted]
 * avkwctl9.exe debugger. [IFEO Debugger Deleted]
 * avltmain.exe debugger. [IFEO Debugger Deleted]
 * avmailc.exe debugger. [IFEO Debugger Deleted]
 * avmcdlg.exe debugger. [IFEO Debugger Deleted]
 * avnotify.exe debugger. [IFEO Debugger Deleted]
 * avnt.exe debugger. [IFEO Debugger Deleted]
 * _avp32.exe debugger. [IFEO Debugger Deleted]
 * avp32.exe debugger. [IFEO Debugger Deleted]
 * _avpcc.exe debugger. [IFEO Debugger Deleted]
 * avpcc.exe debugger. [IFEO Debugger Deleted]
 * avpdos32.exe debugger. [IFEO Debugger Deleted]
 * _avpm.exe debugger. [IFEO Debugger Deleted]
 * avpm.exe debugger. [IFEO Debugger Deleted]
 * avptc32.exe debugger. [IFEO Debugger Deleted]
 * avpupd.exe debugger. [IFEO Debugger Deleted]
 * avsched32.exe debugger. [IFEO Debugger Deleted]
 * avshadow.exe debugger. [IFEO Debugger Deleted]
 * avsynmgr.exe debugger. [IFEO Debugger Deleted]
 * avupgsvc.exe debugger. [IFEO Debugger Deleted]
 * AVWEBGRD.exe debugger. [IFEO Debugger Deleted]
 * avwin95.exe debugger. [IFEO Debugger Deleted]
 * avwin.exe debugger. [IFEO Debugger Deleted]
 * avwinnt.exe debugger. [IFEO Debugger Deleted]
 * avwsc.exe debugger. [IFEO Debugger Deleted]
 * avwupd32.exe debugger. [IFEO Debugger Deleted]
 * avwupd.exe debugger. [IFEO Debugger Deleted]
 * avwupsrv.exe debugger. [IFEO Debugger Deleted]
 * avxmonitor9x.exe debugger. [IFEO Debugger Deleted]
 * avxmonitornt.exe debugger. [IFEO Debugger Deleted]
 * avxquar.exe debugger. [IFEO Debugger Deleted]
 * backweb.exe debugger. [IFEO Debugger Deleted]
 * bargains.exe debugger. [IFEO Debugger Deleted]
 * bdfvcl.exe debugger. [IFEO Debugger Deleted]
 * bdfvwiz.exe debugger. [IFEO Debugger Deleted]
 * BDInProcPatch.exe debugger. [IFEO Debugger Deleted]
 * bdmcon.exe debugger. [IFEO Debugger Deleted]
 * BDMsnScan.exe debugger. [IFEO Debugger Deleted]
 * bd_professional.exe debugger. [IFEO Debugger Deleted]
 * BDSurvey.exe debugger. [IFEO Debugger Deleted]
 * beagle.exe debugger. [IFEO Debugger Deleted]
 * belt.exe debugger. [IFEO Debugger Deleted]
 * b.exe debugger. [IFEO Debugger Deleted]
 * bidef.exe debugger. [IFEO Debugger Deleted]
 * bidserver.exe debugger. [IFEO Debugger Deleted]
 * bipcpevalsetup.exe debugger. [IFEO Debugger Deleted]
 * bipcp.exe debugger. [IFEO Debugger Deleted]
 * bisp.exe debugger. [IFEO Debugger Deleted]
 * blackd.exe debugger. [IFEO Debugger Deleted]
 * blackice.exe debugger. [IFEO Debugger Deleted]
 * blink.exe debugger. [IFEO Debugger Deleted]
 * blss.exe debugger. [IFEO Debugger Deleted]
 * bootconf.exe debugger. [IFEO Debugger Deleted]
 * bootwarn.exe debugger. [IFEO Debugger Deleted]
 * borg2.exe debugger. [IFEO Debugger Deleted]
 * bpc.exe debugger. [IFEO Debugger Deleted]
 * brasil.exe debugger. [IFEO Debugger Deleted]
 * brastk.exe debugger. [IFEO Debugger Deleted]
 * brw.exe debugger. [IFEO Debugger Deleted]
 * bs120.exe debugger. [IFEO Debugger Deleted]
 * bspatch.exe debugger. [IFEO Debugger Deleted]
 * bundle.exe debugger. [IFEO Debugger Deleted]
 * bvt.exe debugger. [IFEO Debugger Deleted]
 * cavscan.exe debugger. [IFEO Debugger Deleted]
 * ccapp.exe debugger. [IFEO Debugger Deleted]
 * ccevtmgr.exe debugger. [IFEO Debugger Deleted]
 * ccpxysvc.exe debugger. [IFEO Debugger Deleted]
 * ccSvcHst.exe debugger. [IFEO Debugger Deleted]
 * cdp.exe debugger. [IFEO Debugger Deleted]
 * c.exe debugger. [IFEO Debugger Deleted]
 * cfd.exe debugger. [IFEO Debugger Deleted]
 * cfgwiz.exe debugger. [IFEO Debugger Deleted]
 * cfiadmin.exe debugger. [IFEO Debugger Deleted]
 * cfiaudit.exe debugger. [IFEO Debugger Deleted]
 * cfinet32.exe debugger. [IFEO Debugger Deleted]
 * cfinet.exe debugger. [IFEO Debugger Deleted]
 * cfpconfg.exe debugger. [IFEO Debugger Deleted]
 * cfp.exe debugger. [IFEO Debugger Deleted]
 * cfplogvw.exe debugger. [IFEO Debugger Deleted]
 * cfpupdat.exe debugger. [IFEO Debugger Deleted]
 * claw95cf.exe debugger. [IFEO Debugger Deleted]
 * claw95.exe debugger. [IFEO Debugger Deleted]
 * cleaner3.exe debugger. [IFEO Debugger Deleted]
 * cleaner.exe debugger. [IFEO Debugger Deleted]
 * clean.exe debugger. [IFEO Debugger Deleted]
 * cleanIELow.exe debugger. [IFEO Debugger Deleted]
 * cleanpc.exe debugger. [IFEO Debugger Deleted]
 * click.exe debugger. [IFEO Debugger Deleted]
 * cmd32.exe debugger. [IFEO Debugger Deleted]
 * cmdagent.exe debugger. [IFEO Debugger Deleted]
 * cmesys.exe debugger. [IFEO Debugger Deleted]
 * cmgrdian.exe debugger. [IFEO Debugger Deleted]
 * cmon016.exe debugger. [IFEO Debugger Deleted]
 * connectionmonitor.exe debugger. [IFEO Debugger Deleted]
 * control debugger. [IFEO Debugger Deleted]
 * cpd.exe debugger. [IFEO Debugger Deleted]
 * cpf9x206.exe debugger. [IFEO Debugger Deleted]
 * cpfnt206.exe debugger. [IFEO Debugger Deleted]
 * crashrep.exe debugger. [IFEO Debugger Deleted]
 * csc.exe debugger. [IFEO Debugger Deleted]
 * cssconfg.exe debugger. [IFEO Debugger Deleted]
 * cssupdat.exe debugger. [IFEO Debugger Deleted]
 * cssurf.exe debugger. [IFEO Debugger Deleted]
 * ctrl.exe debugger. [IFEO Debugger Deleted]
 * cv.exe debugger. [IFEO Debugger Deleted]
 * cwnb181.exe debugger. [IFEO Debugger Deleted]
 * cwntdwmo.exe debugger. [IFEO Debugger Deleted]
 * datemanager.exe debugger. [IFEO Debugger Deleted]
 * dcomx.exe debugger. [IFEO Debugger Deleted]
 * defalert.exe debugger. [IFEO Debugger Deleted]
 * defscangui.exe debugger. [IFEO Debugger Deleted]
 * defwatch.exe debugger. [IFEO Debugger Deleted]
 * deloeminfs.exe debugger. [IFEO Debugger Deleted]
 * deputy.exe debugger. [IFEO Debugger Deleted]
 * d.exe debugger. [IFEO Debugger Deleted]
 * divx.exe debugger. [IFEO Debugger Deleted]
 * dllcache.exe debugger. [IFEO Debugger Deleted]
 * dllreg.exe debugger. [IFEO Debugger Deleted]
 * doors.exe debugger. [IFEO Debugger Deleted]
 * dop.exe debugger. [IFEO Debugger Deleted]
 * dpf.exe debugger. [IFEO Debugger Deleted]
 * dpfsetup.exe debugger. [IFEO Debugger Deleted]
 * dpps2.exe debugger. [IFEO Debugger Deleted]
 * driverctrl.exe debugger. [IFEO Debugger Deleted]
 * drwatson.exe debugger. [IFEO Debugger Deleted]
 * drweb32.exe debugger. [IFEO Debugger Deleted]
 * drwebupw.exe debugger. [IFEO Debugger Deleted]
 * dssagent.exe debugger. [IFEO Debugger Deleted]
 * dvp95_0.exe debugger. [IFEO Debugger Deleted]
 * dvp95.exe debugger. [IFEO Debugger Deleted]
 * ecengine.exe debugger. [IFEO Debugger Deleted]
 * efpeadm.exe debugger. [IFEO Debugger Deleted]
 * emsw.exe debugger. [IFEO Debugger Deleted]
 * ent.exe debugger. [IFEO Debugger Deleted]
 * esafe.exe debugger. [IFEO Debugger Deleted]
 * escanhnt.exe debugger. [IFEO Debugger Deleted]
 * escanv95.exe debugger. [IFEO Debugger Deleted]
 * espwatch.exe debugger. [IFEO Debugger Deleted]
 * ethereal.exe debugger. [IFEO Debugger Deleted]
 * etrustcipe.exe debugger. [IFEO Debugger Deleted]
 * evpn.exe debugger. [IFEO Debugger Deleted]
 * exantivirus-cnet.exe debugger. [IFEO Debugger Deleted]
 * exe.avxw.exe debugger. [IFEO Debugger Deleted]
 * expert.exe debugger. [IFEO Debugger Deleted]
 * explore.exe debugger. [IFEO Debugger Deleted]
 * fact.exe debugger. [IFEO Debugger Deleted]
 * f-agnt95.exe debugger. [IFEO Debugger Deleted]
 * fameh32.exe debugger. [IFEO Debugger Deleted]
 * fast.exe debugger. [IFEO Debugger Deleted]
 * fch32.exe debugger. [IFEO Debugger Deleted]
 * fih32.exe debugger. [IFEO Debugger Deleted]
 * findviru.exe debugger. [IFEO Debugger Deleted]
 * firewall.exe debugger. [IFEO Debugger Deleted]
 * fixcfg.exe debugger. [IFEO Debugger Deleted]
 * fixfp.exe debugger. [IFEO Debugger Deleted]
 * fnrb32.exe debugger. [IFEO Debugger Deleted]
 * f-prot95.exe debugger. [IFEO Debugger Deleted]
 * f-prot.exe debugger. [IFEO Debugger Deleted]
 * fprot.exe debugger. [IFEO Debugger Deleted]
 * fp-win.exe debugger. [IFEO Debugger Deleted]
 * fp-win_trial.exe debugger. [IFEO Debugger Deleted]
 * frmwrk32.exe debugger. [IFEO Debugger Deleted]
 * frw.exe debugger. [IFEO Debugger Deleted]
 * fsaa.exe debugger. [IFEO Debugger Deleted]
 * fsav32.exe debugger. [IFEO Debugger Deleted]
 * fsav530stbyb.exe debugger. [IFEO Debugger Deleted]
 * fsav530wtbyb.exe debugger. [IFEO Debugger Deleted]
 * fsav95.exe debugger. [IFEO Debugger Deleted]
 * fsav.exe debugger. [IFEO Debugger Deleted]
 * fsgk32.exe debugger. [IFEO Debugger Deleted]
 * fsm32.exe debugger. [IFEO Debugger Deleted]
 * fsma32.exe debugger. [IFEO Debugger Deleted]
 * fsmb32.exe debugger. [IFEO Debugger Deleted]
 * f-stopw.exe debugger. [IFEO Debugger Deleted]
 * gator.exe debugger. [IFEO Debugger Deleted]
 * gav.exe debugger. [IFEO Debugger Deleted]
 * gbmenu.exe debugger. [IFEO Debugger Deleted]
 * gbn976rl.exe debugger. [IFEO Debugger Deleted]
 * gbpoll.exe debugger. [IFEO Debugger Deleted]
 * generics.exe debugger. [IFEO Debugger Deleted]
 * gmt.exe debugger. [IFEO Debugger Deleted]
 * guarddog.exe debugger. [IFEO Debugger Deleted]
 * guard.exe debugger. [IFEO Debugger Deleted]
 * guardgui.exe debugger. [IFEO Debugger Deleted]
 * guardxkickoff.exe debugger. [IFEO Debugger Deleted]
 * hacktracersetup.exe debugger. [IFEO Debugger Deleted]
 * hbinst.exe debugger. [IFEO Debugger Deleted]
 * hbsrv.exe debugger. [IFEO Debugger Deleted]
 * History.exe debugger. [IFEO Debugger Deleted]
 * homeav2010.exe debugger. [IFEO Debugger Deleted]
 * hotactio.exe debugger. [IFEO Debugger Deleted]
 * hotpatch.exe debugger. [IFEO Debugger Deleted]
 * htlog.exe debugger. [IFEO Debugger Deleted]
 * htpatch.exe debugger. [IFEO Debugger Deleted]
 * hwpe.exe debugger. [IFEO Debugger Deleted]
 * hxdl.exe debugger. [IFEO Debugger Deleted]
 * hxiul.exe debugger. [IFEO Debugger Deleted]
 * iamapp.exe debugger. [IFEO Debugger Deleted]
 * iamserv.exe debugger. [IFEO Debugger Deleted]
 * iamstats.exe debugger. [IFEO Debugger Deleted]
 * ibmasn.exe debugger. [IFEO Debugger Deleted]
 * ibmavsp.exe debugger. [IFEO Debugger Deleted]
 * icload95.exe debugger. [IFEO Debugger Deleted]
 * icloadnt.exe debugger. [IFEO Debugger Deleted]
 * icmon.exe debugger. [IFEO Debugger Deleted]
 * icsupp95.exe debugger. [IFEO Debugger Deleted]
 * icsuppnt.exe debugger. [IFEO Debugger Deleted]
 * Identity.exe debugger. [IFEO Debugger Deleted]
 * idle.exe debugger. [IFEO Debugger Deleted]
 * iedll.exe debugger. [IFEO Debugger Deleted]
 * iedriver.exe debugger. [IFEO Debugger Deleted]
 * IEShow.exe debugger. [IFEO Debugger Deleted]
 * iface.exe debugger. [IFEO Debugger Deleted]
 * ifw2000.exe debugger. [IFEO Debugger Deleted]
 * inetlnfo.exe debugger. [IFEO Debugger Deleted]
 * infus.exe debugger. [IFEO Debugger Deleted]
 * infwin.exe debugger. [IFEO Debugger Deleted]
 * init32.exe  debugger. [IFEO Debugger Deleted]
 * init.exe debugger. [IFEO Debugger Deleted]
 * install[1].exe debugger. [IFEO Debugger Deleted]
 * install[2].exe debugger. [IFEO Debugger Deleted]
 * install[3].exe debugger. [IFEO Debugger Deleted]
 * install[4].exe debugger. [IFEO Debugger Deleted]
 * install[5].exe debugger. [IFEO Debugger Deleted]
 * intdel.exe debugger. [IFEO Debugger Deleted]
 * intren.exe debugger. [IFEO Debugger Deleted]
 * iomon98.exe debugger. [IFEO Debugger Deleted]
 * istsvc.exe debugger. [IFEO Debugger Deleted]
 * jammer.exe debugger. [IFEO Debugger Deleted]
 * jdbgmrg.exe debugger. [IFEO Debugger Deleted]
 * jedi.exe debugger. [IFEO Debugger Deleted]
 * JsRcGen.exe debugger. [IFEO Debugger Deleted]
 * kavlite40eng.exe debugger. [IFEO Debugger Deleted]
 * kavpers40eng.exe debugger. [IFEO Debugger Deleted]
 * kavpf.exe debugger. [IFEO Debugger Deleted]
 * kazza.exe debugger. [IFEO Debugger Deleted]
 * keenvalue.exe debugger. [IFEO Debugger Deleted]
 * kerio-pf-213-en-win.exe debugger. [IFEO Debugger Deleted]
 * kerio-wrl-421-en-win.exe debugger. [IFEO Debugger Deleted]
 * kerio-wrp-421-en-win.exe debugger. [IFEO Debugger Deleted]
 * killprocesssetup161.exe debugger. [IFEO Debugger Deleted]
 * ldnetmon.exe debugger. [IFEO Debugger Deleted]
 * ldpro.exe debugger. [IFEO Debugger Deleted]
 * ldpromenu.exe debugger. [IFEO Debugger Deleted]
 * ldscan.exe debugger. [IFEO Debugger Deleted]
 * licmgr.exe debugger. [IFEO Debugger Deleted]
 * lnetinfo.exe debugger. [IFEO Debugger Deleted]
 * loader.exe debugger. [IFEO Debugger Deleted]
 * localnet.exe debugger. [IFEO Debugger Deleted]
 * lockdown2000.exe debugger. [IFEO Debugger Deleted]
 * lockdown.exe debugger. [IFEO Debugger Deleted]
 * lookout.exe debugger. [IFEO Debugger Deleted]
 * lordpe.exe debugger. [IFEO Debugger Deleted]
 * lsetup.exe debugger. [IFEO Debugger Deleted]
 * luall.exe debugger. [IFEO Debugger Deleted]
 * luau.exe debugger. [IFEO Debugger Deleted]
 * lucomserver.exe debugger. [IFEO Debugger Deleted]
 * luinit.exe debugger. [IFEO Debugger Deleted]
 * luspt.exe debugger. [IFEO Debugger Deleted]
 * MalwareRemoval.exe debugger. [IFEO Debugger Deleted]
 * mapisvc32.exe debugger. [IFEO Debugger Deleted]
 * mbam.exe debugger. [IFEO Debugger Deleted]
 * mbamgui.exe debugger. [IFEO Debugger Deleted]
 * mbamservice.exe debugger. [IFEO Debugger Deleted]
 * mcagent.exe debugger. [IFEO Debugger Deleted]
 * mcmnhdlr.exe debugger. [IFEO Debugger Deleted]
 * mcmpeng.exe debugger. [IFEO Debugger Deleted]
 * mcmscsvc.exe debugger. [IFEO Debugger Deleted]
 * mcnasvc.exe debugger. [IFEO Debugger Deleted]
 * mcproxy.exe debugger. [IFEO Debugger Deleted]
 * McSACore.exe debugger. [IFEO Debugger Deleted]
 * mcshell.exe debugger. [IFEO Debugger Deleted]
 * mcshield.exe debugger. [IFEO Debugger Deleted]
 * mcsysmon.exe debugger. [IFEO Debugger Deleted]
 * mctool.exe debugger. [IFEO Debugger Deleted]
 * mcupdate.exe debugger. [IFEO Debugger Deleted]
 * mcvsrte.exe debugger. [IFEO Debugger Deleted]
 * mcvsshld.exe debugger. [IFEO Debugger Deleted]
 * md.exe debugger. [IFEO Debugger Deleted]
 * mfin32.exe debugger. [IFEO Debugger Deleted]
 * mfw2en.exe debugger. [IFEO Debugger Deleted]
 * mfweng3.02d30.exe debugger. [IFEO Debugger Deleted]
 * mgavrtcl.exe debugger. [IFEO Debugger Deleted]
 * mgavrte.exe debugger. [IFEO Debugger Deleted]
 * mghtml.exe debugger. [IFEO Debugger Deleted]
 * mgui.exe debugger. [IFEO Debugger Deleted]
 * minilog.exe debugger. [IFEO Debugger Deleted]
 * mmod.exe debugger. [IFEO Debugger Deleted]
 * monitor.exe debugger. [IFEO Debugger Deleted]
 * moolive.exe debugger. [IFEO Debugger Deleted]
 * mostat.exe debugger. [IFEO Debugger Deleted]
 * mpfagent.exe debugger. [IFEO Debugger Deleted]
 * mpfservice.exe debugger. [IFEO Debugger Deleted]
 * MPFSrv.exe debugger. [IFEO Debugger Deleted]
 * mpftray.exe debugger. [IFEO Debugger Deleted]
 * mrflux.exe debugger. [IFEO Debugger Deleted]
 * mrt.exe debugger. [IFEO Debugger Deleted]
 * msa.exe debugger. [IFEO Debugger Deleted]
 * msapp.exe debugger. [IFEO Debugger Deleted]
 * MSASCui.exe debugger. [IFEO Debugger Deleted]
 * msbb.exe debugger. [IFEO Debugger Deleted]
 * msblast.exe debugger. [IFEO Debugger Deleted]
 * mscache.exe debugger. [IFEO Debugger Deleted]
 * msccn32.exe debugger. [IFEO Debugger Deleted]
 * mscman.exe debugger. [IFEO Debugger Deleted]
 * msconfig debugger. [IFEO Debugger Deleted]
 * msdm.exe debugger. [IFEO Debugger Deleted]
 * msdos.exe debugger. [IFEO Debugger Deleted]
 * msiexec16.exe debugger. [IFEO Debugger Deleted]
 * mslaugh.exe debugger. [IFEO Debugger Deleted]
 * msmgt.exe debugger. [IFEO Debugger Deleted]
 * msmsgri32.exe debugger. [IFEO Debugger Deleted]
 * msseces.exe debugger. [IFEO Debugger Deleted]
 * mssmmc32.exe debugger. [IFEO Debugger Deleted]
 * mssys.exe debugger. [IFEO Debugger Deleted]
 * msvxd.exe debugger. [IFEO Debugger Deleted]
 * mu0311ad.exe debugger. [IFEO Debugger Deleted]
 * mwatch.exe debugger. [IFEO Debugger Deleted]
 * n32scanw.exe debugger. [IFEO Debugger Deleted]
 * navap.navapsvc.exe debugger. [IFEO Debugger Deleted]
 * navapsvc.exe debugger. [IFEO Debugger Deleted]
 * navapw32.exe debugger. [IFEO Debugger Deleted]
 * navdx.exe debugger. [IFEO Debugger Deleted]
 * nav.exe debugger. [IFEO Debugger Deleted]
 * navlu32.exe debugger. [IFEO Debugger Deleted]
 * navnt.exe debugger. [IFEO Debugger Deleted]
 * navstub.exe debugger. [IFEO Debugger Deleted]
 * navw32.exe debugger. [IFEO Debugger Deleted]
 * navwnt.exe debugger. [IFEO Debugger Deleted]
 * nc2000.exe debugger. [IFEO Debugger Deleted]
 * ncinst4.exe debugger. [IFEO Debugger Deleted]
 * ndd32.exe debugger. [IFEO Debugger Deleted]
 * neomonitor.exe debugger. [IFEO Debugger Deleted]
 * neowatchlog.exe debugger. [IFEO Debugger Deleted]
 * netarmor.exe debugger. [IFEO Debugger Deleted]
 * netd32.exe debugger. [IFEO Debugger Deleted]
 * netinfo.exe debugger. [IFEO Debugger Deleted]
 * netmon.exe debugger. [IFEO Debugger Deleted]
 * netscanpro.exe debugger. [IFEO Debugger Deleted]
 * netspyhunter-1.2.exe debugger. [IFEO Debugger Deleted]
 * netutils.exe debugger. [IFEO Debugger Deleted]
 * nisserv.exe debugger. [IFEO Debugger Deleted]
 * nisum.exe debugger. [IFEO Debugger Deleted]
 * nmain.exe debugger. [IFEO Debugger Deleted]
 * nod32.exe debugger. [IFEO Debugger Deleted]
 * normist.exe debugger. [IFEO Debugger Deleted]
 * norton_internet_secu_3.0_407.exe debugger. [IFEO Debugger Deleted]
 * notstart.exe debugger. [IFEO Debugger Deleted]
 * npf40_tw_98_nt_me_2k.exe debugger. [IFEO Debugger Deleted]
 * npfmessenger.exe debugger. [IFEO Debugger Deleted]
 * nprotect.exe debugger. [IFEO Debugger Deleted]
 * npscheck.exe debugger. [IFEO Debugger Deleted]
 * npssvc.exe debugger. [IFEO Debugger Deleted]
 * nsched32.exe debugger. [IFEO Debugger Deleted]
 * nssys32.exe debugger. [IFEO Debugger Deleted]
 * nstask32.exe debugger. [IFEO Debugger Deleted]
 * nsupdate.exe debugger. [IFEO Debugger Deleted]
 * nt.exe debugger. [IFEO Debugger Deleted]
 * ntrtscan.exe debugger. [IFEO Debugger Deleted]
 * ntvdm.exe debugger. [IFEO Debugger Deleted]
 * ntxconfig.exe debugger. [IFEO Debugger Deleted]
 * nui.exe debugger. [IFEO Debugger Deleted]
 * nupgrade.exe debugger. [IFEO Debugger Deleted]
 * nvarch16.exe debugger. [IFEO Debugger Deleted]
 * nvc95.exe debugger. [IFEO Debugger Deleted]
 * nvsvc32.exe debugger. [IFEO Debugger Deleted]
 * nwinst4.exe debugger. [IFEO Debugger Deleted]
 * nwservice.exe debugger. [IFEO Debugger Deleted]
 * nwtool16.exe debugger. [IFEO Debugger Deleted]
 * OAcat.exe debugger. [IFEO Debugger Deleted]
 * OAhlp.exe debugger. [IFEO Debugger Deleted]
 * OAReg.exe debugger. [IFEO Debugger Deleted]
 * oasrv.exe debugger. [IFEO Debugger Deleted]
 * oaui.exe debugger. [IFEO Debugger Deleted]
 * oaview.exe debugger. [IFEO Debugger Deleted]
 * ODSW.exe debugger. [IFEO Debugger Deleted]
 * ollydbg.exe debugger. [IFEO Debugger Deleted]
 * onsrvr.exe debugger. [IFEO Debugger Deleted]
 * optimize.exe debugger. [IFEO Debugger Deleted]
 * ostronet.exe debugger. [IFEO Debugger Deleted]
 * otfix.exe debugger. [IFEO Debugger Deleted]
 * outpost.exe debugger. [IFEO Debugger Deleted]
 * outpostinstall.exe debugger. [IFEO Debugger Deleted]
 * outpostproinstall.exe debugger. [IFEO Debugger Deleted]
 * ozn695m5.exe debugger. [IFEO Debugger Deleted]
 * padmin.exe debugger. [IFEO Debugger Deleted]
 * panixk.exe debugger. [IFEO Debugger Deleted]
 * patch.exe debugger. [IFEO Debugger Deleted]
 * pavcl.exe debugger. [IFEO Debugger Deleted]
 * pav.exe debugger. [IFEO Debugger Deleted]
 * PavFnSvr.exe debugger. [IFEO Debugger Deleted]
 * pavproxy.exe debugger. [IFEO Debugger Deleted]
 * pavprsrv.exe debugger. [IFEO Debugger Deleted]
 * pavsched.exe debugger. [IFEO Debugger Deleted]
 * pavsrv51.exe debugger. [IFEO Debugger Deleted]
 * pavw.exe debugger. [IFEO Debugger Deleted]
 * PC_Antispyware2010.exe debugger. [IFEO Debugger Deleted]
 * pccwin98.exe debugger. [IFEO Debugger Deleted]
 * pc.exe debugger. [IFEO Debugger Deleted]
 * pcfwallicon.exe debugger. [IFEO Debugger Deleted]
 * pcip10117_0.exe debugger. [IFEO Debugger Deleted]
 * pcscan.exe debugger. [IFEO Debugger Deleted]
 * pctsAuxs.exe debugger. [IFEO Debugger Deleted]
 * pctsGui.exe debugger. [IFEO Debugger Deleted]
 * pctsSvc.exe debugger. [IFEO Debugger Deleted]
 * pctsTray.exe debugger. [IFEO Debugger Deleted]
 * pdfndr.exe debugger. [IFEO Debugger Deleted]
 * pdsetup.exe debugger. [IFEO Debugger Deleted]
 * PerAvir.exe debugger. [IFEO Debugger Deleted]
 * periscope.exe debugger. [IFEO Debugger Deleted]
 * persfw.exe debugger. [IFEO Debugger Deleted]
 * personalguard debugger. [IFEO Debugger Deleted]
 * personalguard.exe debugger. [IFEO Debugger Deleted]
 * perswf.exe debugger. [IFEO Debugger Deleted]
 * pf2.exe debugger. [IFEO Debugger Deleted]
 * pfwadmin.exe debugger. [IFEO Debugger Deleted]
 * pgmonitr.exe debugger. [IFEO Debugger Deleted]
 * pingscan.exe debugger. [IFEO Debugger Deleted]
 * platin.exe debugger. [IFEO Debugger Deleted]
 * pop3trap.exe debugger. [IFEO Debugger Deleted]
 * poproxy.exe debugger. [IFEO Debugger Deleted]
 * popscan.exe debugger. [IFEO Debugger Deleted]
 * portdetective.exe debugger. [IFEO Debugger Deleted]
 * portmonitor.exe debugger. [IFEO Debugger Deleted]
 * powerscan.exe debugger. [IFEO Debugger Deleted]
 * ppinupdt.exe debugger. [IFEO Debugger Deleted]
 * pptbc.exe debugger. [IFEO Debugger Deleted]
 * ppvstop.exe debugger. [IFEO Debugger Deleted]
 * prizesurfer.exe debugger. [IFEO Debugger Deleted]
 * prmt.exe debugger. [IFEO Debugger Deleted]
 * prmvr.exe debugger. [IFEO Debugger Deleted]
 * procdump.exe debugger. [IFEO Debugger Deleted]
 * processmonitor.exe debugger. [IFEO Debugger Deleted]
 * procexplorerv1.0.exe debugger. [IFEO Debugger Deleted]
 * programauditor.exe debugger. [IFEO Debugger Deleted]
 * proport.exe debugger. [IFEO Debugger Deleted]
 * protector.exe debugger. [IFEO Debugger Deleted]
 * protectx.exe debugger. [IFEO Debugger Deleted]
 * PSANCU.exe debugger. [IFEO Debugger Deleted]
 * PSANHost.exe debugger. [IFEO Debugger Deleted]
 * PSANToManager.exe debugger. [IFEO Debugger Deleted]
 * PsCtrls.exe debugger. [IFEO Debugger Deleted]
 * PsImSvc.exe debugger. [IFEO Debugger Deleted]
 * PskSvc.exe debugger. [IFEO Debugger Deleted]
 * pspf.exe debugger. [IFEO Debugger Deleted]
 * PSUNMain.exe debugger. [IFEO Debugger Deleted]
 * purge.exe debugger. [IFEO Debugger Deleted]
 * qconsole.exe debugger. [IFEO Debugger Deleted]
 * qh.exe debugger. [IFEO Debugger Deleted]
 * qserver.exe debugger. [IFEO Debugger Deleted]
 * QuickHealCleaner.exe debugger. [IFEO Debugger Deleted]
 * Quick Heal.exe debugger. [IFEO Debugger Deleted]
 * rapapp.exe debugger. [IFEO Debugger Deleted]
 * rav7.exe debugger. [IFEO Debugger Deleted]
 * rav7win.exe debugger. [IFEO Debugger Deleted]
 * rav8win32eng.exe debugger. [IFEO Debugger Deleted]
 * ray.exe debugger. [IFEO Debugger Deleted]
 * rb32.exe debugger. [IFEO Debugger Deleted]
 * rcsync.exe debugger. [IFEO Debugger Deleted]
 * realmon.exe debugger. [IFEO Debugger Deleted]
 * reged.exe debugger. [IFEO Debugger Deleted]
 * regedt32.exe debugger. [IFEO Debugger Deleted]
 * rescue32.exe debugger. [IFEO Debugger Deleted]
 * rescue.exe debugger. [IFEO Debugger Deleted]
 * rrguard.exe debugger. [IFEO Debugger Deleted]
 * rscdwld.exe debugger. [IFEO Debugger Deleted]
 * rshell.exe debugger. [IFEO Debugger Deleted]
 * rtvscan.exe debugger. [IFEO Debugger Deleted]
 * rtvscn95.exe debugger. [IFEO Debugger Deleted]
 * rulaunch.exe debugger. [IFEO Debugger Deleted]
 * rwg debugger. [IFEO Debugger Deleted]
 * rwg.exe debugger. [IFEO Debugger Deleted]
 * SafetyKeeper.exe debugger. [IFEO Debugger Deleted]
 * safeweb.exe debugger. [IFEO Debugger Deleted]
 * sahagent.exe debugger. [IFEO Debugger Deleted]
 * SaveArmor.exe debugger. [IFEO Debugger Deleted]
 * SaveDefense.exe debugger. [IFEO Debugger Deleted]
 * Save.exe debugger. [IFEO Debugger Deleted]
 * SaveKeep.exe debugger. [IFEO Debugger Deleted]
 * savenow.exe debugger. [IFEO Debugger Deleted]
 * sbserv.exe debugger. [IFEO Debugger Deleted]
 * scam32.exe debugger. [IFEO Debugger Deleted]
 * scan32.exe debugger. [IFEO Debugger Deleted]
 * scan95.exe debugger. [IFEO Debugger Deleted]
 * scanpm.exe debugger. [IFEO Debugger Deleted]
 * sc.exe debugger. [IFEO Debugger Deleted]
 * scrscan.exe debugger. [IFEO Debugger Deleted]
 * secureveteran.exe debugger. [IFEO Debugger Deleted]
 * Secure Veteran.exe debugger. [IFEO Debugger Deleted]
 * Security Center.exe debugger. [IFEO Debugger Deleted]
 * SecurityFighter.exe debugger. [IFEO Debugger Deleted]
 * securitysoldier.exe debugger. [IFEO Debugger Deleted]
 * serv95.exe debugger. [IFEO Debugger Deleted]
 * setloadorder.exe debugger. [IFEO Debugger Deleted]
 * setup_flowprotector_us.exe debugger. [IFEO Debugger Deleted]
 * setupvameeval.exe debugger. [IFEO Debugger Deleted]
 * sgssfw32.exe debugger. [IFEO Debugger Deleted]
 * shellspyinstall.exe debugger. [IFEO Debugger Deleted]
 * sh.exe debugger. [IFEO Debugger Deleted]
 * shield.exe debugger. [IFEO Debugger Deleted]
 * shn.exe debugger. [IFEO Debugger Deleted]
 * showbehind.exe debugger. [IFEO Debugger Deleted]
 * signcheck.exe debugger. [IFEO Debugger Deleted]
 * smart.exe debugger. [IFEO Debugger Deleted]
 * smartprotector.exe debugger. [IFEO Debugger Deleted]
 * smc.exe debugger. [IFEO Debugger Deleted]
 * smrtdefp.exe debugger. [IFEO Debugger Deleted]
 * sms.exe debugger. [IFEO Debugger Deleted]
 * smss32.exe debugger. [IFEO Debugger Deleted]
 * snetcfg.exe debugger. [IFEO Debugger Deleted]
 * soap.exe debugger. [IFEO Debugger Deleted]
 * sofi.exe debugger. [IFEO Debugger Deleted]
 * SoftSafeness.exe debugger. [IFEO Debugger Deleted]
 * sperm.exe debugger. [IFEO Debugger Deleted]
 * spf.exe debugger. [IFEO Debugger Deleted]
 * sphinx.exe debugger. [IFEO Debugger Deleted]
 * spoler.exe debugger. [IFEO Debugger Deleted]
 * spoolcv.exe debugger. [IFEO Debugger Deleted]
 * spoolsv32.exe debugger. [IFEO Debugger Deleted]
 * spywarexpguard.exe debugger. [IFEO Debugger Deleted]
 * spyxx.exe debugger. [IFEO Debugger Deleted]
 * srexe.exe debugger. [IFEO Debugger Deleted]
 * srng.exe debugger. [IFEO Debugger Deleted]
 * ss3edit.exe debugger. [IFEO Debugger Deleted]
 * ssg_4104.exe debugger. [IFEO Debugger Deleted]
 * ssgrate.exe debugger. [IFEO Debugger Deleted]
 * st2.exe debugger. [IFEO Debugger Deleted]
 * start.exe debugger. [IFEO Debugger Deleted]
 * stcloader.exe debugger. [IFEO Debugger Deleted]
 * supftrl.exe debugger. [IFEO Debugger Deleted]
 * supporter5.exe debugger. [IFEO Debugger Deleted]
 * support.exe debugger. [IFEO Debugger Deleted]
 * svc.exe debugger. [IFEO Debugger Deleted]
 * svchostc.exe debugger. [IFEO Debugger Deleted]
 * svchosts.exe debugger. [IFEO Debugger Deleted]
 * svshost.exe debugger. [IFEO Debugger Deleted]
 * sweep95.exe debugger. [IFEO Debugger Deleted]
 * sweepnet.sweepsrv.sys.swnetsup.exe debugger. [IFEO Debugger Deleted]
 * symlcsvc.exe debugger. [IFEO Debugger Deleted]
 * symproxysvc.exe debugger. [IFEO Debugger Deleted]
 * symtray.exe debugger. [IFEO Debugger Deleted]
 * system32.exe debugger. [IFEO Debugger Deleted]
 * system.exe debugger. [IFEO Debugger Deleted]
 * sysupd.exe debugger. [IFEO Debugger Deleted]
 * tapinstall.exe debugger. [IFEO Debugger Deleted]
 * taumon.exe debugger. [IFEO Debugger Deleted]
 * tbscan.exe debugger. [IFEO Debugger Deleted]
 * tca.exe debugger. [IFEO Debugger Deleted]
 * tc.exe debugger. [IFEO Debugger Deleted]
 * tcm.exe debugger. [IFEO Debugger Deleted]
 * tds2-98.exe debugger. [IFEO Debugger Deleted]
 * tds2-nt.exe debugger. [IFEO Debugger Deleted]
 * tds-3.exe debugger. [IFEO Debugger Deleted]
 * teekids.exe debugger. [IFEO Debugger Deleted]
 * tfak5.exe debugger. [IFEO Debugger Deleted]
 * tfak.exe debugger. [IFEO Debugger Deleted]
 * tgbob.exe debugger. [IFEO Debugger Deleted]
 * titanin.exe debugger. [IFEO Debugger Deleted]
 * titaninxp.exe debugger. [IFEO Debugger Deleted]
 * TPSrv.exe debugger. [IFEO Debugger Deleted]
 * trickler.exe debugger. [IFEO Debugger Deleted]
 * trjscan.exe debugger. [IFEO Debugger Deleted]
 * trjsetup.exe debugger. [IFEO Debugger Deleted]
 * trojantrap3.exe debugger. [IFEO Debugger Deleted]
 * TrustWarrior.exe debugger. [IFEO Debugger Deleted]
 * tsadbot.exe debugger. [IFEO Debugger Deleted]
 * tsc.exe debugger. [IFEO Debugger Deleted]
 * tvmd.exe debugger. [IFEO Debugger Deleted]
 * tvtmd.exe debugger. [IFEO Debugger Deleted]
 * undoboot.exe debugger. [IFEO Debugger Deleted]
 * updat.exe debugger. [IFEO Debugger Deleted]
 * upgrad.exe debugger. [IFEO Debugger Deleted]
 * utpost.exe debugger. [IFEO Debugger Deleted]
 * vbcmserv.exe debugger. [IFEO Debugger Deleted]
 * vbcons.exe debugger. [IFEO Debugger Deleted]
 * vbust.exe debugger. [IFEO Debugger Deleted]
 * vbwin9x.exe debugger. [IFEO Debugger Deleted]
 * vbwinntw.exe debugger. [IFEO Debugger Deleted]
 * vcsetup.exe debugger. [IFEO Debugger Deleted]
 * vet32.exe debugger. [IFEO Debugger Deleted]
 * vet95.exe debugger. [IFEO Debugger Deleted]
 * vettray.exe debugger. [IFEO Debugger Deleted]
 * vfsetup.exe debugger. [IFEO Debugger Deleted]
 * vir-help.exe debugger. [IFEO Debugger Deleted]
 * virusmdpersonalfirewall.exe debugger. [IFEO Debugger Deleted]
 * virusutilities.exe debugger. [IFEO Debugger Deleted]
 * VisthAux.exe debugger. [IFEO Debugger Deleted]
 * VisthLic.exe debugger. [IFEO Debugger Deleted]
 * VisthUpd.exe debugger. [IFEO Debugger Deleted]
 * vnlan300.exe debugger. [IFEO Debugger Deleted]
 * vnpc3000.exe debugger. [IFEO Debugger Deleted]
 * vpc32.exe debugger. [IFEO Debugger Deleted]
 * vpc42.exe debugger. [IFEO Debugger Deleted]
 * vpfw30s.exe debugger. [IFEO Debugger Deleted]
 * vptray.exe debugger. [IFEO Debugger Deleted]
 * vscan40.exe debugger. [IFEO Debugger Deleted]
 * vscenu6.02d30.exe debugger. [IFEO Debugger Deleted]
 * vsched.exe debugger. [IFEO Debugger Deleted]
 * vsecomr.exe debugger. [IFEO Debugger Deleted]
 * vshwin32.exe debugger. [IFEO Debugger Deleted]
 * vsisetup.exe debugger. [IFEO Debugger Deleted]
 * vsmain.exe debugger. [IFEO Debugger Deleted]
 * vsmon.exe debugger. [IFEO Debugger Deleted]
 * vsstat.exe debugger. [IFEO Debugger Deleted]
 * vswin9xe.exe debugger. [IFEO Debugger Deleted]
 * vswinntse.exe debugger. [IFEO Debugger Deleted]
 * vswinperse.exe debugger. [IFEO Debugger Deleted]
 * w32dsm89.exe debugger. [IFEO Debugger Deleted]
 * W3asbas.exe debugger. [IFEO Debugger Deleted]
 * w9x.exe debugger. [IFEO Debugger Deleted]
 * watchdog.exe debugger. [IFEO Debugger Deleted]
 * webdav.exe debugger. [IFEO Debugger Deleted]
 * WebProxy.exe debugger. [IFEO Debugger Deleted]
 * webscanx.exe debugger. [IFEO Debugger Deleted]
 * webtrap.exe debugger. [IFEO Debugger Deleted]
 * wfindv32.exe debugger. [IFEO Debugger Deleted]
 * whoswatchingme.exe debugger. [IFEO Debugger Deleted]
 * wimmun32.exe debugger. [IFEO Debugger Deleted]
 * win32.exe debugger. [IFEO Debugger Deleted]
 * win32us.exe debugger. [IFEO Debugger Deleted]
 * winactive.exe debugger. [IFEO Debugger Deleted]
 * winav.exe debugger. [IFEO Debugger Deleted]
 * win-bugsfix.exe debugger. [IFEO Debugger Deleted]
 * windll32.exe debugger. [IFEO Debugger Deleted]
 * window.exe debugger. [IFEO Debugger Deleted]
 * windows.exe debugger. [IFEO Debugger Deleted]
 * windows Police Pro.exe debugger. [IFEO Debugger Deleted]
 * wininetd.exe debugger. [IFEO Debugger Deleted]
 * wininitx.exe debugger. [IFEO Debugger Deleted]
 * winlogin.exe debugger. [IFEO Debugger Deleted]
 * winmain.exe debugger. [IFEO Debugger Deleted]
 * winppr32.exe debugger. [IFEO Debugger Deleted]
 * winrecon.exe debugger. [IFEO Debugger Deleted]
 * winservn.exe debugger. [IFEO Debugger Deleted]
 * winssk32.exe debugger. [IFEO Debugger Deleted]
 * winstart001.exe debugger. [IFEO Debugger Deleted]
 * winstart.exe debugger. [IFEO Debugger Deleted]
 * wintsk32.exe debugger. [IFEO Debugger Deleted]
 * winupdate.exe debugger. [IFEO Debugger Deleted]
 * wkufind.exe debugger. [IFEO Debugger Deleted]
 * wnad.exe debugger. [IFEO Debugger Deleted]
 * wnt.exe debugger. [IFEO Debugger Deleted]
 * wradmin.exe debugger. [IFEO Debugger Deleted]
 * wrctrl.exe debugger. [IFEO Debugger Deleted]
 * wsbgate.exe debugger. [IFEO Debugger Deleted]
 * wscfxas.exe debugger. [IFEO Debugger Deleted]
 * wscfxav.exe debugger. [IFEO Debugger Deleted]
 * wscfxfw.exe debugger. [IFEO Debugger Deleted]
 * wsctool.exe debugger. [IFEO Debugger Deleted]
 * wupdater.exe debugger. [IFEO Debugger Deleted]
 * wupdt.exe debugger. [IFEO Debugger Deleted]
 * wyvernworksfirewall.exe debugger. [IFEO Debugger Deleted]
 * xp_antispyware.exe debugger. [IFEO Debugger Deleted]
 * xpdeluxe.exe debugger. [IFEO Debugger Deleted]
 * xpf202en.exe debugger. [IFEO Debugger Deleted]
 * zapro.exe debugger. [IFEO Debugger Deleted]
 * zapsetup3001.exe debugger. [IFEO Debugger Deleted]
 * zatutor.exe debugger. [IFEO Debugger Deleted]
 * zonalm2601.exe debugger. [IFEO Debugger Deleted]
 * zonealarm.exe debugger. [IFEO Debugger Deleted]
 
Backup Registry file created at:
 C:\Users\Innes\Desktop\rkill\rkill-10-09-2014-06-15-44.reg
 
Resetting .EXE, .COM, & .BAT associations in the Windows Registry.
 
Performing miscellaneous checks:
 
 * Reparse Point/Junctions Found (Most likely legitimate)!
 
     * C:\windows\AppPatch\spbin => C:\PROGRA~2\SearchProtect\SearchProtect\bin [Dir]
 
Checking Windows Service Integrity: 
 
 * Windows Defender (WinDefend) is not Running.
   Startup Type set to: Disabled
 
 * Security Center (wscsvc) is not Running.
   Startup Type set to: Disabled
 
 * Windows Update (wuauserv) is not Running.
   Startup Type set to: Disabled
 
Searching for Missing Digital Signatures: 
 
 * No issues found.
 
Checking HOSTS File: 
 
 * No issues found.
 
Program finished at: 10/09/2014 06:17:03 PM
Execution time: 0 hours(s), 1 minute(s), and 38 seconds(s)
 


#4 RushSonic

RushSonic
  • Topic Starter

  • Members
  • 67 posts
  • OFFLINE
  •  
  • Local time:03:33 AM

Posted 09 October 2014 - 09:37 PM

TDSS Killer Log # 1

 

18:27:56.0571 0x0ff4  TDSS rootkit removing tool 3.0.0.40 Jul 10 2014 12:37:58
18:28:01.0015 0x0ff4  ============================================================
18:28:01.0016 0x0ff4  Current date / time: 2014/10/09 18:28:01.0015
18:28:01.0016 0x0ff4  SystemInfo:
18:28:01.0016 0x0ff4  
18:28:01.0016 0x0ff4  OS Version: 6.1.7601 ServicePack: 1.0
18:28:01.0016 0x0ff4  Product type: Workstation
18:28:01.0016 0x0ff4  ComputerName: TCHUME
18:28:01.0017 0x0ff4  UserName: Innes
18:28:01.0017 0x0ff4  Windows directory: C:\windows
18:28:01.0017 0x0ff4  System windows directory: C:\windows
18:28:01.0017 0x0ff4  Running under WOW64
18:28:01.0017 0x0ff4  Processor architecture: Intel x64
18:28:01.0017 0x0ff4  Number of processors: 2
18:28:01.0017 0x0ff4  Page size: 0x1000
18:28:01.0017 0x0ff4  Boot type: Normal boot
18:28:01.0017 0x0ff4  ============================================================
18:28:03.0707 0x0ff4  KLMD registered as C:\windows\system32\drivers\31513260.sys
18:28:03.0915 0x0ff4  System UUID: {6BF95E0D-6768-C6F7-2346-DB6E00181612}
18:28:04.0611 0x0ff4  Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 ( 298.09 Gb ), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
18:28:04.0622 0x0ff4  ============================================================
18:28:04.0622 0x0ff4  \Device\Harddisk0\DR0:
18:28:04.0623 0x0ff4  MBR partitions:
18:28:04.0623 0x0ff4  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2EE800, BlocksNum 0x235D7000
18:28:04.0623 0x0ff4  ============================================================
18:28:04.0657 0x0ff4  C: <-> \Device\Harddisk0\DR0\Partition1
18:28:04.0657 0x0ff4  ============================================================
18:28:04.0657 0x0ff4  Initialize success
18:28:04.0657 0x0ff4  ============================================================
18:29:26.0916 0x068c  ============================================================
18:29:26.0916 0x068c  Scan started
18:29:26.0916 0x068c  Mode: Manual; 
18:29:26.0917 0x068c  ============================================================
18:29:26.0917 0x068c  KSN ping started
18:29:29.0885 0x068c  KSN ping finished: true
18:29:31.0278 0x068c  ================ Scan system memory ========================
18:29:31.0279 0x068c  System memory - ok
18:29:31.0280 0x068c  ================ Scan services =============================
18:29:31.0572 0x068c  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\windows\system32\drivers\1394ohci.sys
18:29:31.0593 0x068c  1394ohci - ok
18:29:31.0670 0x068c  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\windows\system32\drivers\ACPI.sys
18:29:31.0686 0x068c  ACPI - ok
18:29:31.0708 0x068c  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\windows\system32\drivers\acpipmi.sys
18:29:31.0711 0x068c  AcpiPmi - ok
18:29:31.0771 0x068c  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\windows\system32\drivers\adp94xx.sys
18:29:31.0794 0x068c  adp94xx - ok
18:29:31.0845 0x068c  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\windows\system32\drivers\adpahci.sys
18:29:31.0862 0x068c  adpahci - ok
18:29:31.0889 0x068c  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\windows\system32\drivers\adpu320.sys
18:29:31.0899 0x068c  adpu320 - ok
18:29:31.0936 0x068c  [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc     C:\windows\System32\aelupsvc.dll
18:29:31.0941 0x068c  AeLookupSvc - ok
18:29:31.0998 0x068c  [ 1C7857B62DE5994A75B054A9FD4C3825, 83F963D7E636532B1AD30B1E727EC429317CA540F6EB3BB268FCC0B163B67767 ] AFD             C:\windows\system32\drivers\afd.sys
18:29:32.0021 0x068c  AFD - ok
18:29:32.0071 0x068c  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\windows\system32\drivers\agp440.sys
18:29:32.0075 0x068c  agp440 - ok
18:29:32.0116 0x068c  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\windows\System32\alg.exe
18:29:32.0121 0x068c  ALG - ok
18:29:32.0154 0x068c  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\windows\system32\drivers\aliide.sys
18:29:32.0157 0x068c  aliide - ok
18:29:32.0210 0x068c  [ 2F2E91FD092811353C3BC968BEC274D8, F71D4C1C54FF5163AFB5603529F7F9950BBBC09FBDFEB24E404AEF77F416691A ] AMD External Events Utility C:\windows\system32\atiesrxx.exe
18:29:32.0220 0x068c  AMD External Events Utility - ok
18:29:32.0255 0x068c  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\windows\system32\drivers\amdide.sys
18:29:32.0258 0x068c  amdide - ok
18:29:32.0288 0x068c  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\windows\system32\drivers\amdk8.sys
18:29:32.0293 0x068c  AmdK8 - ok
18:29:32.0850 0x068c  [ 194D76D2083318A2E7071A988E02ECF4, DC989BBA41446EB5306C876AE3301A7E67F03EBA43C7FDBE9AB01784895514F6 ] amdkmdag        C:\windows\system32\DRIVERS\atikmdag.sys
18:29:33.0383 0x068c  amdkmdag - ok
18:29:33.0463 0x068c  [ 1EEFFCE9A3A65A56A28793EAA3F57026, 9ED49D049713813A69131D0E06DBF13F08D227BD4348A505A5AAB4763C4C7CBE ] amdkmdap        C:\windows\system32\DRIVERS\atikmpag.sys
18:29:33.0477 0x068c  amdkmdap - ok
18:29:33.0518 0x068c  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\windows\system32\DRIVERS\amdppm.sys
18:29:33.0521 0x068c  AmdPPM - ok
18:29:33.0548 0x068c  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\windows\system32\drivers\amdsata.sys
18:29:33.0554 0x068c  amdsata - ok
18:29:33.0597 0x068c  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\windows\system32\drivers\amdsbs.sys
18:29:33.0607 0x068c  amdsbs - ok
18:29:33.0618 0x068c  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\windows\system32\drivers\amdxata.sys
18:29:33.0621 0x068c  amdxata - ok
18:29:33.0653 0x068c  [ CAEE7C1AFC9F1C9EE8DD11ACD18D22E7, B8953CC6B833E76F1483EFDB0198F14FA43E530D1A9FEA33260FD2EDB811B230 ] amd_sata        C:\windows\system32\DRIVERS\amd_sata.sys
18:29:33.0656 0x068c  amd_sata - ok
18:29:33.0680 0x068c  [ 23726116B4FBCC84FC45B95157C08F5F, BCF1762FFB36D3846628917DC86CF26A83BDFE7D3DE54F8D6B1B1D3AC3E73F02 ] amd_xata        C:\windows\system32\DRIVERS\amd_xata.sys
18:29:33.0684 0x068c  amd_xata - ok
18:29:33.0719 0x068c  [ 89A69C3F2F319B43379399547526D952, 8ABDB4B8E106F96EBBA0D4D04C4F432296516E107E7BA5644ED2E50CF9BB491A ] AppID           C:\windows\system32\drivers\appid.sys
18:29:33.0723 0x068c  AppID - ok
18:29:33.0751 0x068c  [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc        C:\windows\System32\appidsvc.dll
18:29:33.0754 0x068c  AppIDSvc - ok
18:29:33.0776 0x068c  [ 3977D4A871CA0D4F2ED1E7DB46829731, 2AF1C3225994769C3FD25CD7E9603964B035576F25B0B6D91545566E0722FFAA ] Appinfo         C:\windows\System32\appinfo.dll
18:29:33.0781 0x068c  Appinfo - ok
18:29:33.0812 0x068c  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\windows\system32\drivers\arc.sys
18:29:33.0818 0x068c  arc - ok
18:29:33.0852 0x068c  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\windows\system32\drivers\arcsas.sys
18:29:33.0858 0x068c  arcsas - ok
18:29:33.0976 0x068c  [ 9217D874131AE6FF8F642F124F00A555, BE2923D5AA7748FDAAED73AF567D015517B36F1C739C6E5637DD15112EFDF495 ] aspnet_state    C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
18:29:33.0979 0x068c  aspnet_state - ok
18:29:34.0009 0x068c  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\windows\system32\DRIVERS\asyncmac.sys
18:29:34.0012 0x068c  AsyncMac - ok
18:29:34.0040 0x068c  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\windows\system32\drivers\atapi.sys
18:29:34.0043 0x068c  atapi - ok
18:29:34.0122 0x068c  [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioEndpointBuilder C:\windows\System32\Audiosrv.dll
18:29:34.0168 0x068c  AudioEndpointBuilder - ok
18:29:34.0222 0x068c  [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioSrv        C:\windows\System32\Audiosrv.dll
18:29:34.0249 0x068c  AudioSrv - ok
18:29:34.0312 0x068c  AVGIDSAgent - ok
18:29:34.0356 0x068c  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\windows\System32\AxInstSV.dll
18:29:34.0363 0x068c  AxInstSV - ok
18:29:34.0425 0x068c  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\windows\system32\drivers\bxvbda.sys
18:29:34.0447 0x068c  b06bdrv - ok
18:29:34.0491 0x068c  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\windows\system32\DRIVERS\b57nd60a.sys
18:29:34.0526 0x068c  b57nd60a - ok
18:29:34.0714 0x068c  [ A03D8A69FB2681F535D2E49583DC5A48, 6F85EA89DD137956A46BA80AB7380BC84DE2CC2577BDC8BC6C31B299A2F8A302 ] BackupStack     C:\Program Files (x86)\MyPC Backup\BackupStack.exe
18:29:34.0717 0x068c  BackupStack - ok
18:29:34.0764 0x068c  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\windows\System32\bdesvc.dll
18:29:34.0770 0x068c  BDESVC - ok
18:29:34.0789 0x068c  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\windows\system32\drivers\Beep.sys
18:29:34.0791 0x068c  Beep - ok
18:29:34.0872 0x068c  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\windows\System32\bfe.dll
18:29:34.0917 0x068c  BFE - ok
18:29:35.0099 0x068c  [ C8AB71A5102D0FC103F6DFC750005137, F8D3E24B5F4FB672B550AFF410591AE2638993250752421CD9C671F9D62B6A1C ] BHDrvx64        C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\BASHDefs\20120619.001\BHDrvx64.sys
18:29:35.0179 0x068c  BHDrvx64 - ok
18:29:35.0251 0x068c  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\windows\System32\qmgr.dll
18:29:35.0307 0x068c  BITS - ok
18:29:35.0354 0x068c  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\windows\system32\DRIVERS\blbdrive.sys
18:29:35.0358 0x068c  blbdrive - ok
18:29:35.0399 0x068c  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\windows\system32\DRIVERS\bowser.sys
18:29:35.0404 0x068c  bowser - ok
18:29:35.0430 0x068c  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\windows\system32\drivers\BrFiltLo.sys
18:29:35.0433 0x068c  BrFiltLo - ok
18:29:35.0456 0x068c  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\windows\system32\drivers\BrFiltUp.sys
18:29:35.0458 0x068c  BrFiltUp - ok
18:29:35.0507 0x068c  [ 8EF0D5C41EC907751B8429162B1239ED, 9CC25F1F93FACA6F6CE23F78EB58590C39A2E3C8A3ACDF400E8A9DE0757EADAE ] Browser         C:\windows\System32\browser.dll
18:29:35.0513 0x068c  Browser - ok
18:29:35.0569 0x068c  BrowserDefendert - ok
18:29:35.0621 0x068c  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\windows\System32\Drivers\Brserid.sys
18:29:35.0635 0x068c  Brserid - ok
18:29:35.0652 0x068c  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\windows\System32\Drivers\BrSerWdm.sys
18:29:35.0657 0x068c  BrSerWdm - ok
18:29:35.0670 0x068c  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\windows\System32\Drivers\BrUsbMdm.sys
18:29:35.0672 0x068c  BrUsbMdm - ok
18:29:35.0691 0x068c  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\windows\System32\Drivers\BrUsbSer.sys
18:29:35.0694 0x068c  BrUsbSer - ok
18:29:35.0713 0x068c  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\windows\system32\drivers\bthmodem.sys
18:29:35.0718 0x068c  BTHMODEM - ok
18:29:35.0765 0x068c  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\windows\system32\bthserv.dll
18:29:35.0771 0x068c  bthserv - ok
18:29:35.0960 0x068c  [ 1F79342D9EB530A48742F651E570983A, 99E0B613C23FA8591E248DFA6FF2D3EE19E262BE6E070A0E43E256B69687017F ] c2cautoupdatesvc C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
18:29:36.0028 0x068c  c2cautoupdatesvc - ok
18:29:36.0181 0x068c  [ E4938E0A376CF0B9D989EE5C0A146891, 9DF6AB5781CD60862D9664CA9A8AF0696A1FB6D09D804CD8DE9630F40DE59E90 ] c2cpnrsvc       C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
18:29:36.0252 0x068c  c2cpnrsvc - ok
18:29:36.0451 0x068c  [ 0E1737A63AEC0F6DE231BB59836C0A11, A67B1075E47B75CD271FB653F63D454499926C5D074BE7D1DF1D804F6C9AFE07 ] ccSet_NIS       C:\windows\system32\drivers\NISx64\1307010.005\ccSetx64.sys
18:29:36.0494 0x068c  ccSet_NIS - ok
18:29:36.0528 0x068c  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\windows\system32\DRIVERS\cdfs.sys
18:29:36.0537 0x068c  cdfs - ok
18:29:36.0667 0x068c  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\windows\system32\DRIVERS\cdrom.sys
18:29:36.0693 0x068c  cdrom - ok
18:29:36.0774 0x068c  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\windows\System32\certprop.dll
18:29:36.0784 0x068c  CertPropSvc - ok
18:29:36.0809 0x068c  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\windows\system32\drivers\circlass.sys
18:29:36.0813 0x068c  circlass - ok
18:29:36.0871 0x068c  [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS            C:\windows\system32\CLFS.sys
18:29:36.0889 0x068c  CLFS - ok
18:29:36.0966 0x068c  [ D88040F816FDA31C3B466F0FA0918F29, 39D3630E623DA25B8444B6D3AAAB16B98E7E289C5619E19A85D47B74C71449F3 ] clr_optimization_v2.0.50727_32 C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
18:29:36.0975 0x068c  clr_optimization_v2.0.50727_32 - ok
18:29:37.0027 0x068c  [ D1CEEA2B47CB998321C579651CE3E4F8, 654013B8FD229A50017B08DEC6CA19C7DDA8CE0771260E057A92625201D539B1 ] clr_optimization_v2.0.50727_64 C:\windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
18:29:37.0034 0x068c  clr_optimization_v2.0.50727_64 - ok
18:29:37.0133 0x068c  [ C5A75EB48E2344ABDC162BDA79E16841, 6070A8AAFD38FBC6A68A2B10C20117612354DF21B4492D90CA522BFB6870D726 ] clr_optimization_v4.0.30319_32 C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
18:29:37.0142 0x068c  clr_optimization_v4.0.30319_32 - ok
18:29:37.0168 0x068c  [ C6F9AF94DCD58122A4D7E89DB6BED29D, CB0E5AE60EC76323585FB86D89E8DB7ADB5EDF6EA3D0B27E9ECE75B8CAA8BFDE ] clr_optimization_v4.0.30319_64 C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
18:29:37.0176 0x068c  clr_optimization_v4.0.30319_64 - ok
18:29:37.0644 0x068c  [ 3D07FF372150CCBEE52F58DA87D3AC4A, BDBBB3E3406F6CEDAA8B350213981B314F94F6913C38241D22BFC384C12C1884 ] CltMngSvc       C:\PROGRA~2\SearchProtect\Main\bin\CltMngSvc.exe
18:29:37.0911 0x068c  CltMngSvc - ok
18:29:37.0969 0x068c  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\windows\system32\DRIVERS\CmBatt.sys
18:29:37.0971 0x068c  CmBatt - ok
18:29:37.0996 0x068c  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\windows\system32\drivers\cmdide.sys
18:29:37.0998 0x068c  cmdide - ok
18:29:38.0063 0x068c  [ 9AC4F97C2D3E93367E2148EA940CD2CD, 530E089E5CF868AECDB2B5548EBE76E0CA98FC74A72897292AB2485734402E3B ] CNG             C:\windows\system32\Drivers\cng.sys
18:29:38.0085 0x068c  CNG - ok
18:29:38.0208 0x068c  [ 99B1B888B793DE320C5479B3C953781F, 6A499F916132998FBDFA587823A11C2ED1D27DED10374F6A41BA5861A2FF969E ] CnxtHdAudService C:\windows\system32\drivers\CHDRT64.sys
18:29:38.0299 0x068c  CnxtHdAudService - ok
18:29:38.0347 0x068c  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\windows\system32\drivers\compbatt.sys
18:29:38.0350 0x068c  Compbatt - ok
18:29:38.0367 0x068c  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\windows\system32\DRIVERS\CompositeBus.sys
18:29:38.0371 0x068c  CompositeBus - ok
18:29:38.0385 0x068c  COMSysApp - ok
18:29:38.0406 0x068c  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\windows\system32\drivers\crcdisk.sys
18:29:38.0409 0x068c  crcdisk - ok
18:29:38.0455 0x068c  [ 4F5414602E2544A4554D95517948B705, 50121AD32ACF73F541DF3B655020F7B610B3E7B5E8C7B39D37D5958F28CB376E ] CryptSvc        C:\windows\system32\cryptsvc.dll
18:29:38.0464 0x068c  CryptSvc - ok
18:29:38.0582 0x068c  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\windows\system32\rpcss.dll
18:29:38.0631 0x068c  DcomLaunch - ok
18:29:38.0760 0x068c  [ 2AB40D0F2C34549604C75DC0B54451E7, 9C309E075FEF2D2024593AC93A6601C5271A4B45A2F3F1585E2F03798558D835 ] DefaultTabSearch C:\Program Files (x86)\DefaultTab\DefaultTabSearch.exe
18:29:38.0800 0x068c  DefaultTabSearch - ok
18:29:38.0948 0x068c  [ 34AE0DFA3EE3B5B9975042D87332D0B7, 4388BFA4F8F6E345F68220DF12DA7E5B986479CBA40246EB0BCACFA4FCCEF606 ] DefaultTabUpdate C:\Users\Innes\AppData\Roaming\DefaultTab\DefaultTab\DTUpdate.exe
18:29:38.0958 0x068c  DefaultTabUpdate - ok
18:29:39.0008 0x068c  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\windows\System32\defragsvc.dll
18:29:39.0025 0x068c  defragsvc - ok
18:29:39.0052 0x068c  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\windows\system32\Drivers\dfsc.sys
18:29:39.0058 0x068c  DfsC - ok
18:29:39.0100 0x068c  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\windows\system32\dhcpcore.dll
18:29:39.0116 0x068c  Dhcp - ok
18:29:39.0135 0x068c  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\windows\system32\drivers\discache.sys
18:29:39.0138 0x068c  discache - ok
18:29:39.0168 0x068c  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\windows\system32\drivers\disk.sys
18:29:39.0173 0x068c  Disk - ok
18:29:39.0227 0x068c  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\windows\System32\dnsrslvr.dll
18:29:39.0237 0x068c  Dnscache - ok
18:29:39.0259 0x068c  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\windows\System32\dot3svc.dll
18:29:39.0273 0x068c  dot3svc - ok
18:29:39.0295 0x068c  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\windows\system32\dps.dll
18:29:39.0304 0x068c  DPS - ok
18:29:39.0344 0x068c  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\windows\system32\drivers\drmkaud.sys
18:29:39.0346 0x068c  drmkaud - ok
18:29:39.0420 0x068c  [ F5BEE30450E18E6B83A5012C100616FD, 44D0577D159FC2BDF4EAD1DC2C7FD14925D075225EF97608CAC52DEE405B08FD ] DXGKrnl         C:\windows\System32\drivers\dxgkrnl.sys
18:29:39.0483 0x068c  DXGKrnl - ok
18:29:39.0531 0x068c  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\windows\System32\eapsvc.dll
18:29:39.0538 0x068c  EapHost - ok
18:29:39.0745 0x068c  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\windows\system32\drivers\evbda.sys
18:29:39.0929 0x068c  ebdrv - ok
18:29:40.0006 0x068c  [ BA6420C1F7070ED8F1BA372844F3E1EC, CCDE7BA9AE5AF78860AC97F79A05A974FFAFE7F695099206C2036011CBAA25AB ] eeCtrl          C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys
18:29:40.0030 0x068c  eeCtrl - ok
18:29:40.0070 0x068c  [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] EFS             C:\windows\System32\lsass.exe
18:29:40.0076 0x068c  EFS - ok
18:29:40.0161 0x068c  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\windows\ehome\ehRecvr.exe
18:29:40.0205 0x068c  ehRecvr - ok
18:29:40.0241 0x068c  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\windows\ehome\ehsched.exe
18:29:40.0253 0x068c  ehSched - ok
18:29:40.0479 0x068c  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\windows\system32\drivers\elxstor.sys
18:29:40.0504 0x068c  elxstor - ok
18:29:40.0624 0x068c  [ 1343DF3451BC0C442DC69837C6FBA21B, A09E1BE327D7CE41A1380BA8C480883F129FDA7BD476C31D4BC1DB099C920EB8 ] EraserUtilRebootDrv C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
18:29:40.0673 0x068c  EraserUtilRebootDrv - ok
18:29:40.0703 0x068c  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\windows\system32\drivers\errdev.sys
18:29:40.0715 0x068c  ErrDev - ok
18:29:40.0795 0x068c  [ 5D82D501D2FEE413B1F45F0302B5802C, 7E38321AB281A99C3966C9E0C409CEA01926C2600331AE39BC1A063183E663E7 ] ETD             C:\windows\system32\DRIVERS\ETD.sys
18:29:40.0808 0x068c  ETD - ok
18:29:40.0867 0x068c  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\windows\system32\es.dll
18:29:40.0885 0x068c  EventSystem - ok
18:29:40.0934 0x068c  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\windows\system32\drivers\exfat.sys
18:29:40.0945 0x068c  exfat - ok
18:29:40.0972 0x068c  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\windows\system32\drivers\fastfat.sys
18:29:40.0983 0x068c  fastfat - ok
18:29:41.0075 0x068c  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\windows\system32\fxssvc.exe
18:29:41.0116 0x068c  Fax - ok
18:29:41.0151 0x068c  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\windows\system32\drivers\fdc.sys
18:29:41.0154 0x068c  fdc - ok
18:29:41.0197 0x068c  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\windows\system32\fdPHost.dll
18:29:41.0200 0x068c  fdPHost - ok
18:29:41.0216 0x068c  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\windows\system32\fdrespub.dll
18:29:41.0220 0x068c  FDResPub - ok
18:29:41.0287 0x068c  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\windows\system32\drivers\fileinfo.sys
18:29:41.0298 0x068c  FileInfo - ok
18:29:41.0316 0x068c  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\windows\system32\drivers\filetrace.sys
18:29:41.0322 0x068c  Filetrace - ok
18:29:41.0395 0x068c  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\windows\system32\drivers\flpydisk.sys
18:29:41.0439 0x068c  flpydisk - ok
18:29:41.0481 0x068c  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\windows\system32\drivers\fltmgr.sys
18:29:41.0497 0x068c  FltMgr - ok
18:29:41.0590 0x068c  [ 5C4CB4086FB83115B153E47ADD961A0C, 0C3AB7D04BEB3A8FDE00B0C86E6FE064B1CEBB3E4DE1A29CD27830806FA300B3 ] FontCache       C:\windows\system32\FntCache.dll
18:29:41.0659 0x068c  FontCache - ok
18:29:41.0722 0x068c  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
18:29:41.0724 0x068c  FontCache3.0.0.0 - ok
18:29:41.0756 0x068c  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\windows\system32\drivers\FsDepends.sys
18:29:41.0764 0x068c  FsDepends - ok
18:29:41.0809 0x068c  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\windows\system32\drivers\Fs_Rec.sys
18:29:41.0813 0x068c  Fs_Rec - ok
18:29:41.0852 0x068c  [ 1F7B25B858FA27015169FE95E54108ED, 72DD12E924AA7273B3E4BDD2A2C581DECE304C8EF3D44EA79ABB032F3F95DCE5 ] fvevol          C:\windows\system32\DRIVERS\fvevol.sys
18:29:41.0864 0x068c  fvevol - ok
18:29:41.0904 0x068c  [ 60ACB128E64C35C2B4E4AAB1B0A5C293, 7B476AB5E95529A894F95397C753662F4C58D1FE89F4648271251DA77C5A3FA9 ] FwLnk           C:\windows\system32\DRIVERS\FwLnk.sys
18:29:41.0906 0x068c  FwLnk - ok
18:29:41.0946 0x068c  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\windows\system32\drivers\gagp30kx.sys
18:29:41.0950 0x068c  gagp30kx - ok
18:29:42.0014 0x068c  [ C403C5DB49A0F9AAF4F2128EDC0106D8, 3C6948B63278022D8182F773C5FA15784514F76C1546118DDBADBA322B962D12 ] GamesAppService C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
18:29:42.0030 0x068c  GamesAppService - ok
18:29:42.0129 0x068c  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\windows\System32\gpsvc.dll
18:29:42.0172 0x068c  gpsvc - ok
18:29:42.0229 0x068c  [ F02A533F517EB38333CB12A9E8963773, 1F72CD1CF660766FA8F912E40B7323A0192A300B376186C10F6803DC5EFE28DF ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
18:29:42.0236 0x068c  gupdate - ok
18:29:42.0257 0x068c  [ F02A533F517EB38333CB12A9E8963773, 1F72CD1CF660766FA8F912E40B7323A0192A300B376186C10F6803DC5EFE28DF ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
18:29:42.0264 0x068c  gupdatem - ok
18:29:42.0311 0x068c  [ 5D4BC124FAAE6730AC002CDB67BF1A1C, 00294F4DC7D17F6DD2A22B9C3299BED40146BA45C972367154D20DB502472551 ] gusvc           C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
18:29:42.0321 0x068c  gusvc - ok
18:29:42.0356 0x068c  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\windows\system32\drivers\hcw85cir.sys
18:29:42.0359 0x068c  hcw85cir - ok
18:29:42.0399 0x068c  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\windows\system32\drivers\HdAudio.sys
18:29:42.0416 0x068c  HdAudAddService - ok
18:29:42.0451 0x068c  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\windows\system32\DRIVERS\HDAudBus.sys
18:29:42.0458 0x068c  HDAudBus - ok
18:29:42.0482 0x068c  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\windows\system32\drivers\HidBatt.sys
18:29:42.0485 0x068c  HidBatt - ok
18:29:42.0528 0x068c  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\windows\system32\drivers\hidbth.sys
18:29:42.0544 0x068c  HidBth - ok
18:29:42.0590 0x068c  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\windows\system32\drivers\hidir.sys
18:29:42.0628 0x068c  HidIr - ok
18:29:42.0666 0x068c  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\windows\system32\hidserv.dll
18:29:42.0692 0x068c  hidserv - ok
18:29:42.0733 0x068c  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\windows\system32\DRIVERS\hidusb.sys
18:29:42.0736 0x068c  HidUsb - ok
18:29:42.0764 0x068c  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\windows\system32\kmsvc.dll
18:29:42.0771 0x068c  hkmsvc - ok
18:29:42.0792 0x068c  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\windows\system32\ListSvc.dll
18:29:42.0805 0x068c  HomeGroupListener - ok
18:29:42.0843 0x068c  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\windows\system32\provsvc.dll
18:29:42.0854 0x068c  HomeGroupProvider - ok
18:29:42.0901 0x068c  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\windows\system32\drivers\HpSAMD.sys
18:29:42.0906 0x068c  HpSAMD - ok
18:29:42.0978 0x068c  [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP            C:\windows\system32\drivers\HTTP.sys
18:29:43.0034 0x068c  HTTP - ok
18:29:43.0055 0x068c  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\windows\system32\drivers\hwpolicy.sys
18:29:43.0058 0x068c  hwpolicy - ok
18:29:43.0083 0x068c  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\windows\system32\DRIVERS\i8042prt.sys
18:29:43.0089 0x068c  i8042prt - ok
18:29:43.0143 0x068c  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\windows\system32\drivers\iaStorV.sys
18:29:43.0163 0x068c  iaStorV - ok
18:29:43.0250 0x068c  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD, 2B9512324DBA4A97F6AC34E8067EE08E3B6874CD60F6CB4209AFC22A34D2BE99 ] idsvc           C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
18:29:43.0307 0x068c  idsvc - ok
18:29:43.0426 0x068c  [ CE0BF35C79E03BB89DA6B14FAC838605, FD8526FDEC45F698B1B1A2799592D3E8B45B09EF0BDFD7542CB2D30E4CD0F4F4 ] IDSVia64        C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\IPSDefs\20120703.002\IDSvia64.sys
18:29:43.0468 0x068c  IDSVia64 - ok
18:29:43.0496 0x068c  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\windows\system32\drivers\iirsp.sys
18:29:43.0500 0x068c  iirsp - ok
18:29:43.0571 0x068c  [ FCD84C381E0140AF901E58D48882D26B, 76955FFC230C801E8ED890E32076075F04CD6E5EC79E594FDE6D23797A36B406 ] IKEEXT          C:\windows\System32\ikeext.dll
18:29:43.0627 0x068c  IKEEXT - ok
18:29:43.0659 0x068c  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\windows\system32\drivers\intelide.sys
18:29:43.0662 0x068c  intelide - ok
18:29:43.0702 0x068c  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\windows\system32\drivers\intelppm.sys
18:29:43.0706 0x068c  intelppm - ok
18:29:43.0752 0x068c  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\windows\system32\ipbusenum.dll
18:29:43.0759 0x068c  IPBusEnum - ok
18:29:43.0786 0x068c  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\windows\system32\DRIVERS\ipfltdrv.sys
18:29:43.0794 0x068c  IpFilterDriver - ok
18:29:43.0845 0x068c  [ A34A587FFFD45FA649FBA6D03784D257, C9A2BCD4E2A5EB6E320092A3AFD5737ECDCDA0B83EE42314A23C4978F2974767 ] iphlpsvc        C:\windows\System32\iphlpsvc.dll
18:29:43.0872 0x068c  iphlpsvc - ok
18:29:43.0907 0x068c  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\windows\system32\drivers\IPMIDrv.sys
18:29:43.0912 0x068c  IPMIDRV - ok
18:29:43.0929 0x068c  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\windows\system32\drivers\ipnat.sys
18:29:43.0936 0x068c  IPNAT - ok
18:29:43.0970 0x068c  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\windows\system32\drivers\irenum.sys
18:29:43.0972 0x068c  IRENUM - ok
18:29:43.0992 0x068c  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\windows\system32\drivers\isapnp.sys
18:29:43.0995 0x068c  isapnp - ok
18:29:44.0022 0x068c  [ D931D7309DEB2317035B07C9F9E6B0BD, 13AD84172ED8C6153F8A98499C01733B74E48464CE07D099508E38D409913ED3 ] iScsiPrt        C:\windows\system32\drivers\msiscsi.sys
18:29:44.0036 0x068c  iScsiPrt - ok
18:29:44.0062 0x068c  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\windows\system32\DRIVERS\kbdclass.sys
18:29:44.0065 0x068c  kbdclass - ok
18:29:44.0099 0x068c  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\windows\system32\drivers\kbdhid.sys
18:29:44.0102 0x068c  kbdhid - ok
18:29:44.0126 0x068c  [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] KeyIso          C:\windows\system32\lsass.exe
18:29:44.0129 0x068c  KeyIso - ok
18:29:44.0159 0x068c  [ 97A7070AEA4C058B6418519E869A63B4, 15345C2D6CA159BD498002974A0BD21CAB611124D85E3320248B47652AEF23C8 ] KSecDD          C:\windows\system32\Drivers\ksecdd.sys
18:29:44.0165 0x068c  KSecDD - ok
18:29:44.0196 0x068c  [ 26C43A7C2862447EC59DEDA188D1DA07, 5363BF87E650FE2010ACA9417D6920FF4ED752256FF47732882E9B2BA1ED154B ] KSecPkg         C:\windows\system32\Drivers\ksecpkg.sys
18:29:44.0205 0x068c  KSecPkg - ok
18:29:44.0229 0x068c  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\windows\system32\drivers\ksthunk.sys
18:29:44.0231 0x068c  ksthunk - ok
18:29:44.0295 0x068c  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\windows\system32\msdtckrm.dll
18:29:44.0330 0x068c  KtmRm - ok
18:29:44.0378 0x068c  [ 0E154DA6CA9105354A07D0C576804037, 10A7F6E2A031C2D96B362411DCA2C347E7D7B6ADED9021674E0E633AB9F45D7B ] L1C             C:\windows\system32\DRIVERS\L1C62x64.sys
18:29:44.0386 0x068c  L1C - ok
18:29:44.0448 0x068c  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\windows\system32\srvsvc.dll
18:29:44.0473 0x068c  LanmanServer - ok
18:29:44.0538 0x068c  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\windows\System32\wkssvc.dll
18:29:44.0575 0x068c  LanmanWorkstation - ok
18:29:44.0688 0x068c  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\windows\system32\DRIVERS\lltdio.sys
18:29:44.0698 0x068c  lltdio - ok
18:29:44.0736 0x068c  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\windows\System32\lltdsvc.dll
18:29:44.0752 0x068c  lltdsvc - ok
18:29:44.0777 0x068c  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\windows\System32\lmhsvc.dll
18:29:44.0781 0x068c  lmhosts - ok
18:29:44.0832 0x068c  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\windows\system32\drivers\lsi_fc.sys
18:29:44.0839 0x068c  LSI_FC - ok
18:29:44.0864 0x068c  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\windows\system32\drivers\lsi_sas.sys
18:29:44.0871 0x068c  LSI_SAS - ok
18:29:44.0904 0x068c  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\windows\system32\drivers\lsi_sas2.sys
18:29:44.0908 0x068c  LSI_SAS2 - ok
18:29:44.0946 0x068c  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\windows\system32\drivers\lsi_scsi.sys
18:29:44.0955 0x068c  LSI_SCSI - ok
18:29:44.0979 0x068c  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\windows\system32\drivers\luafv.sys
18:29:44.0986 0x068c  luafv - ok
18:29:45.0022 0x068c  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\windows\system32\Mcx2Svc.dll
18:29:45.0029 0x068c  Mcx2Svc - ok
18:29:45.0056 0x068c  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\windows\system32\drivers\megasas.sys
18:29:45.0060 0x068c  megasas - ok
18:29:45.0112 0x068c  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\windows\system32\drivers\MegaSR.sys
18:29:45.0127 0x068c  MegaSR - ok
18:29:45.0162 0x068c  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\windows\system32\mmcss.dll
18:29:45.0167 0x068c  MMCSS - ok
18:29:45.0190 0x068c  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\windows\system32\drivers\modem.sys
18:29:45.0195 0x068c  Modem - ok
18:29:45.0220 0x068c  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\windows\system32\DRIVERS\monitor.sys
18:29:45.0223 0x068c  monitor - ok
18:29:45.0248 0x068c  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\windows\system32\DRIVERS\mouclass.sys
18:29:45.0251 0x068c  mouclass - ok
18:29:45.0271 0x068c  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\windows\system32\DRIVERS\mouhid.sys
18:29:45.0274 0x068c  mouhid - ok
18:29:45.0289 0x068c  [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr        C:\windows\system32\drivers\mountmgr.sys
18:29:45.0296 0x068c  mountmgr - ok
18:29:45.0321 0x068c  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\windows\system32\drivers\mpio.sys
18:29:45.0331 0x068c  mpio - ok
18:29:45.0371 0x068c  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\windows\system32\drivers\mpsdrv.sys
18:29:45.0375 0x068c  mpsdrv - ok
18:29:45.0449 0x068c  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\windows\system32\mpssvc.dll
18:29:45.0495 0x068c  MpsSvc - ok
18:29:45.0541 0x068c  [ DC722758B8261E1ABAFD31A3C0A66380, 88BBE073E2CCD1DAB4656DDC53D5161E8A91D035ADAC1465D0CEBA86F1BB6D9A ] MRxDAV          C:\windows\system32\drivers\mrxdav.sys
18:29:45.0549 0x068c  MRxDAV - ok
18:29:45.0566 0x068c  [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb          C:\windows\system32\DRIVERS\mrxsmb.sys
18:29:45.0574 0x068c  mrxsmb - ok
18:29:45.0609 0x068c  [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10        C:\windows\system32\DRIVERS\mrxsmb10.sys
18:29:45.0624 0x068c  mrxsmb10 - ok
18:29:45.0640 0x068c  [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20        C:\windows\system32\DRIVERS\mrxsmb20.sys
18:29:45.0647 0x068c  mrxsmb20 - ok
18:29:45.0658 0x068c  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\windows\system32\drivers\msahci.sys
18:29:45.0661 0x068c  msahci - ok
18:29:45.0686 0x068c  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\windows\system32\drivers\msdsm.sys
18:29:45.0694 0x068c  msdsm - ok
18:29:45.0722 0x068c  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\windows\System32\msdtc.exe
18:29:45.0731 0x068c  MSDTC - ok
18:29:45.0773 0x068c  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\windows\system32\drivers\Msfs.sys
18:29:45.0778 0x068c  Msfs - ok
18:29:45.0802 0x068c  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\windows\System32\drivers\mshidkmdf.sys
18:29:45.0804 0x068c  mshidkmdf - ok
18:29:45.0820 0x068c  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\windows\system32\drivers\msisadrv.sys
18:29:45.0823 0x068c  msisadrv - ok
18:29:45.0867 0x068c  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\windows\system32\iscsiexe.dll
18:29:45.0887 0x068c  MSiSCSI - ok
18:29:45.0902 0x068c  msiserver - ok
18:29:45.0939 0x068c  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\windows\system32\drivers\MSKSSRV.sys
18:29:45.0943 0x068c  MSKSSRV - ok
18:29:45.0990 0x068c  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\windows\system32\drivers\MSPCLOCK.sys
18:29:45.0995 0x068c  MSPCLOCK - ok
18:29:46.0020 0x068c  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\windows\system32\drivers\MSPQM.sys
18:29:46.0023 0x068c  MSPQM - ok
18:29:46.0077 0x068c  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\windows\system32\drivers\MsRPC.sys
18:29:46.0095 0x068c  MsRPC - ok
18:29:46.0118 0x068c  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\windows\system32\DRIVERS\mssmbios.sys
18:29:46.0121 0x068c  mssmbios - ok
18:29:46.0147 0x068c  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\windows\system32\drivers\MSTEE.sys
18:29:46.0149 0x068c  MSTEE - ok
18:29:46.0166 0x068c  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\windows\system32\drivers\MTConfig.sys
18:29:46.0168 0x068c  MTConfig - ok
18:29:46.0193 0x068c  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\windows\system32\Drivers\mup.sys
18:29:46.0198 0x068c  Mup - ok
18:29:46.0244 0x068c  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\windows\system32\qagentRT.dll
18:29:46.0268 0x068c  napagent - ok
18:29:46.0326 0x068c  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\windows\system32\DRIVERS\nwifi.sys
18:29:46.0341 0x068c  NativeWifiP - ok
18:29:46.0470 0x068c  [ 8043D41F881D6ACE40B854AD6E32217F, FC6D7C580CF0F0B63F6AB76F14BBABD2F5A6CE5970A5200EF0E59306AD07F1FA ] NAVENG          C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\VirusDefs\20120702.002\ENG64.SYS
18:29:46.0517 0x068c  NAVENG - ok
18:29:46.0856 0x068c  [ 9A9AB2FC45D701DAED465D14980F1305, 29FA383D6D739D286825D3F61017ED389865449CCAACF0B64B2A546605176383 ] NAVEX15         C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\VirusDefs\20120702.002\EX64.SYS
18:29:46.0948 0x068c  NAVEX15 - ok
18:29:47.0035 0x068c  [ 79B47FD40D9A817E932F9D26FAC0A81C, 53E260B8BFC50BA45FA73BFCF4E58C233890D0EAA9DEFDCCBB55FD3EB992FF2D ] NDIS            C:\windows\system32\drivers\ndis.sys
18:29:47.0091 0x068c  NDIS - ok
18:29:47.0124 0x068c  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\windows\system32\DRIVERS\ndiscap.sys
18:29:47.0128 0x068c  NdisCap - ok
18:29:47.0169 0x068c  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\windows\system32\DRIVERS\ndistapi.sys
18:29:47.0172 0x068c  NdisTapi - ok
18:29:47.0201 0x068c  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\windows\system32\DRIVERS\ndisuio.sys
18:29:47.0204 0x068c  Ndisuio - ok
18:29:47.0228 0x068c  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\windows\system32\DRIVERS\ndiswan.sys
18:29:47.0237 0x068c  NdisWan - ok
18:29:47.0252 0x068c  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\windows\system32\drivers\NDProxy.sys
18:29:47.0255 0x068c  NDProxy - ok
18:29:47.0275 0x068c  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\windows\system32\DRIVERS\netbios.sys
18:29:47.0278 0x068c  NetBIOS - ok
18:29:47.0305 0x068c  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\windows\system32\DRIVERS\netbt.sys
18:29:47.0318 0x068c  NetBT - ok
18:29:47.0373 0x068c  [ A67C9313FF34D6AD345DC871D0095D88, 0834A0CB3A7A4E953013D0421F4818804EEDF644A1CE818B2546B33CEEA99F19 ] nethfdrv        C:\windows\system32\drivers\nethfdrv.sys
18:29:47.0377 0x068c  nethfdrv - ok
18:29:47.0527 0x068c  [ E21F14CFD4668FFDAC95E750A0230AE0, 3B232DB25A3FA6C80384B52AD6E210268BB4346FA35263E92DE01BFB2644FD34 ] NetHttpService  C:\windows\SysWOW64\nethtsrv.exe
18:29:47.0545 0x068c  NetHttpService - ok
18:29:47.0571 0x068c  [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] Netlogon        C:\windows\system32\lsass.exe
18:29:47.0574 0x068c  Netlogon - ok
18:29:47.0624 0x068c  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\windows\System32\netman.dll
18:29:47.0642 0x068c  Netman - ok
18:29:47.0726 0x068c  [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetMsmqActivator C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:29:47.0735 0x068c  NetMsmqActivator - ok
18:29:47.0750 0x068c  [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetPipeActivator C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:29:47.0757 0x068c  NetPipeActivator - ok
18:29:47.0796 0x068c  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\windows\System32\netprofm.dll
18:29:47.0820 0x068c  netprofm - ok
18:29:47.0837 0x068c  [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetTcpActivator C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:29:47.0844 0x068c  NetTcpActivator - ok
18:29:47.0857 0x068c  [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetTcpPortSharing C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:29:47.0864 0x068c  NetTcpPortSharing - ok
18:29:47.0906 0x068c  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\windows\system32\drivers\nfrd960.sys
18:29:47.0910 0x068c  nfrd960 - ok
18:29:47.0991 0x068c  [ C6948F034D7EDABCFA2234D399FC78BC, EDB56D870F0251B88FFF52E6733F6A613AA1629F1F0CB55841FD8F46D7882D15 ] NIS             C:\Program Files (x86)\Norton Internet Security\Engine\19.7.1.5\ccSvcHst.exe
18:29:48.0004 0x068c  NIS - ok
18:29:48.0065 0x068c  [ 1EE99A89CC788ADA662441D1E9830529, 6B4FDD74BB81E12BD4B25A3E8AECB0FA77FA0075D454DD1D6DC1790ADF1F2AA8 ] NlaSvc          C:\windows\System32\nlasvc.dll
18:29:48.0095 0x068c  NlaSvc - ok
18:29:48.0130 0x068c  Norton PC Checkup Application Launcher - ok
18:29:48.0170 0x068c  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\windows\system32\drivers\Npfs.sys
18:29:48.0177 0x068c  Npfs - ok
18:29:48.0205 0x068c  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\windows\system32\nsisvc.dll
18:29:48.0213 0x068c  nsi - ok
18:29:48.0229 0x068c  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\windows\system32\drivers\nsiproxy.sys
18:29:48.0233 0x068c  nsiproxy - ok
18:29:48.0365 0x068c  [ A2F74975097F52A00745F9637451FDD8, C681DDBD3382C477C2A030E828B5CFB529CB57C7847BD9AFF25E2A5E58B2DAF3 ] Ntfs            C:\windows\system32\drivers\Ntfs.sys
18:29:48.0454 0x068c  Ntfs - ok
18:29:48.0475 0x068c  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\windows\system32\drivers\Null.sys
18:29:48.0477 0x068c  Null - ok
18:29:48.0524 0x068c  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\windows\system32\drivers\nvraid.sys
18:29:48.0565 0x068c  nvraid - ok
18:29:48.0626 0x068c  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\windows\system32\drivers\nvstor.sys
18:29:48.0651 0x068c  nvstor - ok
18:29:48.0699 0x068c  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\windows\system32\drivers\nv_agp.sys
18:29:48.0712 0x068c  nv_agp - ok
18:29:48.0735 0x068c  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\windows\system32\drivers\ohci1394.sys
18:29:48.0744 0x068c  ohci1394 - ok
18:29:48.0797 0x068c  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\windows\system32\pnrpsvc.dll
18:29:48.0814 0x068c  p2pimsvc - ok
18:29:48.0875 0x068c  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\windows\system32\p2psvc.dll
18:29:48.0897 0x068c  p2psvc - ok
18:29:48.0943 0x068c  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\windows\system32\drivers\parport.sys
18:29:48.0949 0x068c  Parport - ok
18:29:48.0979 0x068c  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\windows\system32\drivers\partmgr.sys
18:29:48.0984 0x068c  partmgr - ok
18:29:49.0002 0x068c  [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc          C:\windows\System32\pcasvc.dll
18:29:49.0013 0x068c  PcaSvc - ok
18:29:49.0048 0x068c  [ 2F86BE1818C2D7AC90478E3323EE7FCB, CE721FCFFDC9D24483DEB6BB77DAFEBE79BA143CA2EE68BF28E2A9297AADB2D4 ] PCCUJobMgr      C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.13.11\ccSvcHst.exe
18:29:49.0054 0x068c  PCCUJobMgr - ok
18:29:49.0091 0x068c  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\windows\system32\drivers\pci.sys
18:29:49.0101 0x068c  pci - ok
18:29:49.0112 0x068c  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\windows\system32\DRIVERS\pciide.sys
18:29:49.0114 0x068c  pciide - ok
18:29:49.0143 0x068c  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\windows\system32\drivers\pcmcia.sys
18:29:49.0164 0x068c  pcmcia - ok
18:29:49.0307 0x068c  [ 953615A27D3E873E71320E2FE464049C, 23455D4A6A7319C545AD3BE4E5C9306B734D06661F85B02E43CF8870377BB264 ] PCToolsSSDMonitorSvc C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe
18:29:49.0345 0x068c  PCToolsSSDMonitorSvc - ok
18:29:49.0378 0x068c  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\windows\system32\drivers\pcw.sys
18:29:49.0382 0x068c  pcw - ok
18:29:49.0443 0x068c  [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH          C:\windows\system32\drivers\peauth.sys
18:29:49.0473 0x068c  PEAUTH - ok
18:29:49.0502 0x068c  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\windows\SysWow64\perfhost.exe
18:29:49.0506 0x068c  PerfHost - ok
18:29:49.0564 0x068c  [ 91111CEBBDE8015E822C46120ED9537C, 255B85FEF663C2E0652CECF3F9B67B12B576F924A34415DEE13F0F5137E1E7F7 ] PGEffect        C:\windows\system32\DRIVERS\pgeffect.sys
18:29:49.0567 0x068c  PGEffect - ok
18:29:49.0694 0x068c  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\windows\system32\pla.dll
18:29:49.0778 0x068c  pla - ok
18:29:49.0851 0x068c  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\windows\system32\umpnpmgr.dll
18:29:49.0873 0x068c  PlugPlay - ok
18:29:49.0893 0x068c  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\windows\system32\pnrpauto.dll
18:29:49.0898 0x068c  PNRPAutoReg - ok
18:29:49.0923 0x068c  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\windows\system32\pnrpsvc.dll
18:29:49.0939 0x068c  PNRPsvc - ok
18:29:49.0995 0x068c  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\windows\System32\ipsecsvc.dll
18:29:50.0021 0x068c  PolicyAgent - ok
18:29:50.0066 0x068c  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\windows\system32\umpo.dll
18:29:50.0076 0x068c  Power - ok
18:29:50.0118 0x068c  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\windows\system32\DRIVERS\raspptp.sys
18:29:50.0127 0x068c  PptpMiniport - ok
18:29:50.0156 0x068c  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\windows\system32\drivers\processr.sys
18:29:50.0162 0x068c  Processor - ok
18:29:50.0201 0x068c  [ 53E83F1F6CF9D62F32801CF66D8352A8, 1225FED810BE8E0729EEAE5B340035CCBB9BACD3EF247834400F9B72D05ACE48 ] ProfSvc         C:\windows\system32\profsvc.dll
18:29:50.0213 0x068c  ProfSvc - ok
18:29:50.0238 0x068c  [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] ProtectedStorage C:\windows\system32\lsass.exe
18:29:50.0243 0x068c  ProtectedStorage - ok
18:29:50.0276 0x068c  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\windows\system32\DRIVERS\pacer.sys
18:29:50.0284 0x068c  Psched - ok
18:29:50.0379 0x068c  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\windows\system32\drivers\ql2300.sys
18:29:50.0471 0x068c  ql2300 - ok
18:29:50.0517 0x068c  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\windows\system32\drivers\ql40xx.sys
18:29:50.0525 0x068c  ql40xx - ok
18:29:50.0583 0x068c  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\windows\system32\qwave.dll
18:29:50.0625 0x068c  QWAVE - ok
18:29:50.0655 0x068c  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\windows\system32\drivers\qwavedrv.sys
18:29:50.0666 0x068c  QWAVEdrv - ok
18:29:50.0692 0x068c  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\windows\system32\DRIVERS\rasacd.sys
18:29:50.0703 0x068c  RasAcd - ok
18:29:50.0739 0x068c  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\windows\system32\DRIVERS\AgileVpn.sys
18:29:50.0744 0x068c  RasAgileVpn - ok
18:29:50.0771 0x068c  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\windows\System32\rasauto.dll
18:29:50.0779 0x068c  RasAuto - ok
18:29:50.0819 0x068c  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\windows\system32\DRIVERS\rasl2tp.sys
18:29:50.0826 0x068c  Rasl2tp - ok
18:29:50.0878 0x068c  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\windows\System32\rasmans.dll
18:29:50.0897 0x068c  RasMan - ok
18:29:50.0912 0x068c  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\windows\system32\DRIVERS\raspppoe.sys
18:29:50.0917 0x068c  RasPppoe - ok
18:29:50.0936 0x068c  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\windows\system32\DRIVERS\rassstp.sys
18:29:50.0941 0x068c  RasSstp - ok
18:29:50.0975 0x068c  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\windows\system32\DRIVERS\rdbss.sys
18:29:50.0990 0x068c  rdbss - ok
18:29:51.0014 0x068c  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\windows\system32\drivers\rdpbus.sys
18:29:51.0017 0x068c  rdpbus - ok
18:29:51.0037 0x068c  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\windows\system32\DRIVERS\RDPCDD.sys
18:29:51.0039 0x068c  RDPCDD - ok
18:29:51.0075 0x068c  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\windows\system32\drivers\rdpencdd.sys
18:29:51.0078 0x068c  RDPENCDD - ok
18:29:51.0103 0x068c  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\windows\system32\drivers\rdprefmp.sys
18:29:51.0105 0x068c  RDPREFMP - ok
18:29:51.0145 0x068c  [ E61608AA35E98999AF9AAEEEA6114B0A, F754CDE89DC96786D2A3C4D19EE2AEF1008E634E4DE3C0CBF927436DE90C04A6 ] RDPWD           C:\windows\system32\drivers\RDPWD.sys
18:29:51.0156 0x068c  RDPWD - ok
18:29:51.0196 0x068c  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\windows\system32\drivers\rdyboost.sys
18:29:51.0207 0x068c  rdyboost - ok
18:29:51.0245 0x068c  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\windows\System32\mprdim.dll
18:29:51.0252 0x068c  RemoteAccess - ok
18:29:51.0287 0x068c  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\windows\system32\regsvc.dll
18:29:51.0353 0x068c  RemoteRegistry - ok
18:29:51.0394 0x068c  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\windows\System32\RpcEpMap.dll
18:29:51.0433 0x068c  RpcEptMapper - ok
18:29:51.0486 0x068c  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\windows\system32\locator.exe
18:29:51.0491 0x068c  RpcLocator - ok
18:29:51.0545 0x068c  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs           C:\windows\system32\rpcss.dll
18:29:51.0569 0x068c  RpcSs - ok
18:29:51.0614 0x068c  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\windows\system32\DRIVERS\rspndr.sys
18:29:51.0619 0x068c  rspndr - ok
18:29:51.0672 0x068c  [ 0E3DCF76F11DC431B088A2DFD7265CDA, 7FCC8A9C28B8B2E9EC6AB9FFF7354929838134F61DB9D5BB96C5F6A7ABDC6B6A ] RSUSBSTOR       C:\windows\system32\Drivers\RtsUStor.sys
18:29:51.0696 0x068c  RSUSBSTOR - ok
18:29:51.0776 0x068c  [ 64FDF4FE366CA42DA2B7D9D424B6E39B, FC3844152E29B703373788F24862CDD307837AA53D21F978FB9C038A34593B95 ] RTL8192Ce       C:\windows\system32\DRIVERS\rtl8192Ce.sys
18:29:51.0875 0x068c  RTL8192Ce - ok
18:29:51.0905 0x068c  [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] SamSs           C:\windows\system32\lsass.exe
18:29:51.0910 0x068c  SamSs - ok
18:29:51.0931 0x068c  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\windows\system32\drivers\sbp2port.sys
18:29:51.0937 0x068c  sbp2port - ok
18:29:51.0981 0x068c  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\windows\System32\SCardSvr.dll
18:29:52.0004 0x068c  SCardSvr - ok
18:29:52.0034 0x068c  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\windows\system32\DRIVERS\scfilter.sys
18:29:52.0038 0x068c  scfilter - ok
18:29:52.0118 0x068c  [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule        C:\windows\system32\schedsvc.dll
18:29:52.0187 0x068c  Schedule - ok
18:29:52.0228 0x068c  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\windows\System32\certprop.dll
18:29:52.0232 0x068c  SCPolicySvc - ok
18:29:52.0260 0x068c  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\windows\System32\SDRSVC.dll
18:29:52.0282 0x068c  SDRSVC - ok
18:29:52.0314 0x068c  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\windows\system32\drivers\secdrv.sys
18:29:52.0317 0x068c  secdrv - ok
18:29:52.0350 0x068c  [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon        C:\windows\system32\seclogon.dll
18:29:52.0355 0x068c  seclogon - ok
18:29:52.0369 0x068c  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\windows\System32\sens.dll
18:29:52.0375 0x068c  SENS - ok
18:29:52.0387 0x068c  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\windows\system32\sensrsvc.dll
18:29:52.0393 0x068c  SensrSvc - ok
18:29:52.0413 0x068c  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\windows\system32\drivers\serenum.sys
18:29:52.0416 0x068c  Serenum - ok
18:29:52.0461 0x068c  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\windows\system32\drivers\serial.sys
18:29:52.0469 0x068c  Serial - ok
18:29:52.0512 0x068c  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\windows\system32\drivers\sermouse.sys
18:29:52.0517 0x068c  sermouse - ok
18:29:52.0687 0x068c  [ B2DC01AEE6913294F927AB04902A2E73, 80D90BB8525848978A0A174409C65F51B331513AB9451D4962082BFBA2B20198 ] ServiceUpdater  C:\windows\SysWOW64\netupdsrv.exe
18:29:52.0696 0x068c  ServiceUpdater - ok
18:29:52.0750 0x068c  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\windows\system32\sessenv.dll
18:29:52.0759 0x068c  SessionEnv - ok
18:29:52.0788 0x068c  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\windows\system32\drivers\sffdisk.sys
18:29:52.0791 0x068c  sffdisk - ok
18:29:52.0801 0x068c  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\windows\system32\drivers\sffp_mmc.sys
18:29:52.0803 0x068c  sffp_mmc - ok
18:29:52.0815 0x068c  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\windows\system32\drivers\sffp_sd.sys
18:29:52.0819 0x068c  sffp_sd - ok
18:29:52.0843 0x068c  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\windows\system32\drivers\sfloppy.sys
18:29:52.0845 0x068c  sfloppy - ok
18:29:52.0907 0x068c  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\windows\System32\ipnathlp.dll
18:29:52.0926 0x068c  SharedAccess - ok
18:29:52.0967 0x068c  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\windows\System32\shsvcs.dll
18:29:52.0987 0x068c  ShellHWDetection - ok
18:29:53.0026 0x068c  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\windows\system32\drivers\SiSRaid2.sys
18:29:53.0030 0x068c  SiSRaid2 - ok
18:29:53.0048 0x068c  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\windows\system32\drivers\sisraid4.sys
18:29:53.0053 0x068c  SiSRaid4 - ok
18:29:53.0117 0x068c  [ 579BA0A911FF5EA70CB604CD3B744B0A, 2B38455FD465ED17CB406D3ED942B65464612C27F020BDBD0E168B25BF1A618F ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
18:29:53.0128 0x068c  SkypeUpdate - ok
18:29:53.0157 0x068c  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\windows\system32\DRIVERS\smb.sys
18:29:53.0164 0x068c  Smb - ok
18:29:53.0222 0x068c  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\windows\System32\snmptrap.exe
18:29:53.0226 0x068c  SNMPTRAP - ok
18:29:53.0258 0x068c  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\windows\system32\drivers\spldr.sys
18:29:53.0261 0x068c  spldr - ok
18:29:53.0311 0x068c  [ B96C17B5DC1424D56EEA3A99E97428CD, AF0A85066A7983878DC1C663811CE61C6CA1912DC956184F878B7B82DB93C651 ] Spooler         C:\windows\System32\spoolsv.exe
18:29:53.0345 0x068c  Spooler - ok
18:29:53.0551 0x068c  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\windows\system32\sppsvc.exe
18:29:53.0766 0x068c  sppsvc - ok
18:29:53.0795 0x068c  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\windows\system32\sppuinotify.dll
18:29:53.0801 0x068c  sppuinotify - ok
18:29:53.0918 0x068c  [ 06B9A7BA94356EC5207C5DDB59540378, 246D70611185F8F5D769A0C3B2B821303328C4F8BFFFB220115B14B6B22CFABF ] SRTSP           C:\windows\System32\Drivers\NISx64\1307010.005\SRTSP64.SYS
18:29:53.0958 0x068c  SRTSP - ok
18:29:53.0980 0x068c  [ FBB8945A61E55A2345D12487C74A9D76, A99CA299EE6572DC9B4B7958D16A06BA6D98134A839BD423B65405D31443E268 ] SRTSPX          C:\windows\system32\drivers\NISx64\1307010.005\SRTSPX64.SYS
18:29:53.0983 0x068c  SRTSPX - ok
18:29:54.0030 0x068c  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv             C:\windows\system32\DRIVERS\srv.sys
18:29:54.0051 0x068c  srv - ok
18:29:54.0088 0x068c  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\windows\system32\DRIVERS\srv2.sys
18:29:54.0107 0x068c  srv2 - ok
18:29:54.0126 0x068c  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\windows\system32\DRIVERS\srvnet.sys
18:29:54.0135 0x068c  srvnet - ok
18:29:54.0174 0x068c  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\windows\System32\ssdpsrv.dll
18:29:54.0186 0x068c  SSDPSRV - ok
18:29:54.0199 0x068c  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\windows\system32\sstpsvc.dll
18:29:54.0206 0x068c  SstpSvc - ok
18:29:54.0231 0x068c  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\windows\system32\drivers\stexstor.sys
18:29:54.0234 0x068c  stexstor - ok
18:29:54.0301 0x068c  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\windows\System32\wiaservc.dll
18:29:54.0348 0x068c  stisvc - ok
18:29:54.0378 0x068c  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\windows\system32\DRIVERS\swenum.sys
18:29:54.0380 0x068c  swenum - ok
18:29:54.0434 0x068c  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\windows\System32\swprv.dll
18:29:54.0469 0x068c  swprv - ok
18:29:54.0640 0x068c  [ 8B2430762099598DA40686F754632EFD, BEF443EB8CDB8792E8B9CF861E8D2205DEA336BC24A92417D67DD5A28DD35BE9 ] SymDS           C:\windows\system32\drivers\NISx64\1307010.005\SYMDS64.SYS
18:29:54.0669 0x068c  SymDS - ok
18:29:54.0767 0x068c  [ F90C7A190399165D3AB2245048D34786, B356C624F5AC41D8AD1AC843CB29F99EECE00600CECF60E794F672DF2CB97616 ] SymEFA          C:\windows\system32\drivers\NISx64\1307010.005\SYMEFA64.SYS
18:29:54.0836 0x068c  SymEFA - ok
18:29:54.0901 0x068c  [ 898BB48C797483420DF523B2BBC1ECDB, 39C510395950B50AABB339A76FF2CB1706761B196F05F9B86B12472B9C1EF3DC ] SymEvent        C:\windows\system32\Drivers\SYMEVENT64x86.SYS
18:29:54.0910 0x068c  SymEvent - ok
18:29:54.0953 0x068c  [ 5013A76CAAA1D7CF1C55214B490B4E35, B7AC28C29C4152977A6313FB47984643EC395BCDD9B417853D4E31D7AD98598B ] SymIRON         C:\windows\system32\drivers\NISx64\1307010.005\Ironx64.SYS
18:29:54.0963 0x068c  SymIRON - ok
18:29:55.0008 0x068c  [ 3911BD0E68C010E5438A87706ABBE9AB, C79D2444830E4AE8A36D8686635463BF34B22913AA417A48AB0AC0A48F7D227B ] SymNetS         C:\windows\System32\Drivers\NISx64\1307010.005\SYMNETS.SYS
18:29:55.0028 0x068c  SymNetS - ok
18:29:55.0158 0x068c  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain         C:\windows\system32\sysmain.dll
18:29:55.0260 0x068c  SysMain - ok
18:29:55.0290 0x068c  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\windows\System32\TabSvc.dll
18:29:55.0298 0x068c  TabletInputService - ok
18:29:55.0330 0x068c  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\windows\System32\tapisrv.dll
18:29:55.0348 0x068c  TapiSrv - ok
18:29:55.0368 0x068c  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\windows\System32\tbssvc.dll
18:29:55.0375 0x068c  TBS - ok
18:29:55.0450 0x068c  [ BB6F1F29721F8C3839C334F5DFA68387, 105C6B733081BDE6FFC222631CEDAE9B15676C7340845BB1BEB1434FEEE81145 ] TBSrv           C:\Program Files (x86)\Tbccint\ToolbarService\ToolbarService.exe
18:29:55.0467 0x068c  TBSrv - ok
18:29:55.0601 0x068c  [ ACB82BDA8F46C84F465C1AFA517DC4B9, DE785AC33A0D63699E5E3E85E4C33694A15FBC9B93D432E8865C88E44CDF3E17 ] Tcpip           C:\windows\system32\drivers\tcpip.sys
18:29:55.0703 0x068c  Tcpip - ok
18:29:55.0835 0x068c  [ ACB82BDA8F46C84F465C1AFA517DC4B9, DE785AC33A0D63699E5E3E85E4C33694A15FBC9B93D432E8865C88E44CDF3E17 ] TCPIP6          C:\windows\system32\DRIVERS\tcpip.sys
18:29:55.0915 0x068c  TCPIP6 - ok
18:29:55.0993 0x068c  [ DF687E3D8836BFB04FCC0615BF15A519, 7C5B1E72673B4299DFC21E869F0FBB28198CA54DF4F4AF7080005F2D82467784 ] tcpipreg        C:\windows\system32\drivers\tcpipreg.sys
18:29:55.0999 0x068c  tcpipreg - ok
18:29:56.0037 0x068c  [ FD542B661BD22FA69CA789AD0AC58C29, 75FFAF1834B1E22DF37608ED451F161052FF1FE3C681B4E20A68DCA92CC7FD8C ] tdcmdpst        C:\windows\system32\DRIVERS\tdcmdpst.sys
18:29:56.0039 0x068c  tdcmdpst - ok
18:29:56.0064 0x068c  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\windows\system32\drivers\tdpipe.sys
18:29:56.0066 0x068c  TDPIPE - ok
18:29:56.0099 0x068c  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\windows\system32\drivers\tdtcp.sys
18:29:56.0102 0x068c  TDTCP - ok
18:29:56.0118 0x068c  [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] tdx             C:\windows\system32\DRIVERS\tdx.sys
18:29:56.0125 0x068c  tdx - ok
18:29:56.0138 0x068c  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\windows\system32\DRIVERS\termdd.sys
18:29:56.0143 0x068c  TermDD - ok
18:29:56.0212 0x068c  [ 2E648163254233755035B46DD7B89123, 6FA0D07CE18A3A69D82EE49D875F141E39406E92C34EAC76AC4EB052E6EBCBCD ] TermService     C:\windows\System32\termsrv.dll
18:29:56.0257 0x068c  TermService - ok
18:29:56.0281 0x068c  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\windows\system32\themeservice.dll
18:29:56.0287 0x068c  Themes - ok
18:29:56.0316 0x068c  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\windows\system32\mmcss.dll
18:29:56.0320 0x068c  THREADORDER - ok
18:29:56.0502 0x068c  [ 71C321649B28638EE80A2EEB164C1DC8, D75D296B506DCC38A4DED82C71141388AEB60B065785DCC5BC2F4B3B77ACEDC7 ] TMachInfo       C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
18:29:56.0508 0x068c  TMachInfo - ok
18:29:56.0588 0x068c  [ 8E2C799D3476EAC32C3BA0DF7CE6AF19, CFE8A69E3F2A42C3BA2B38EC9233076D0AD32C441500E6407219F2E866905D9B ] TODDSrv         C:\windows\system32\TODDSrv.exe
18:29:56.0604 0x068c  TODDSrv - ok
18:29:56.0918 0x068c  [ 1C73689B900428C7D054A41C4687F55C, 6DD3CDC09E4A62F40A81872789A5C8678C0FE23DD911C2951DFF5494B6BFC012 ] TosCoSrv        C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
18:29:56.0951 0x068c  TosCoSrv - ok
18:29:57.0043 0x068c  [ 29D0886CF250FCEF1BF9E65AB8D2C0C8, 8D852DB100AC68A07A6E2AD21198410EAAB36E83BB8BAEA71CB698680B5DCE71 ] TOSHIBA HDD SSD Alert Service C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
18:29:57.0056 0x068c  TOSHIBA HDD SSD Alert Service - ok
18:29:57.0093 0x068c  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\windows\System32\trkwks.dll
18:29:57.0104 0x068c  TrkWks - ok
18:29:57.0186 0x068c  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\windows\servicing\TrustedInstaller.exe
18:29:57.0205 0x068c  TrustedInstaller - ok
18:29:57.0239 0x068c  [ CE18B2CDFC837C99E5FAE9CA6CBA5D30, CA302C2ED6A6BF4670BAAA4F5C14C0238CF0C80316856AA0DB053F4D593033AC ] tssecsrv        C:\windows\system32\DRIVERS\tssecsrv.sys
18:29:57.0243 0x068c  tssecsrv - ok
18:29:57.0273 0x068c  [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt        C:\windows\system32\drivers\tsusbflt.sys
18:29:57.0279 0x068c  TsUsbFlt - ok
18:29:57.0319 0x068c  [ 9CC2CCAE8A84820EAECB886D477CBCB8, 50D8AA2D7477A6618A0C31BB4D1C4887B457865FB1105E2E7B984EEFA337B804 ] TsUsbGD         C:\windows\system32\drivers\TsUsbGD.sys
18:29:57.0322 0x068c  TsUsbGD - ok
18:29:57.0350 0x068c  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\windows\system32\DRIVERS\tunnel.sys
18:29:57.0362 0x068c  tunnel - ok
18:29:57.0399 0x068c  [ 550B567F9364D8F7684C3FB3EA665A72, A214BBBBAB9F0DD525FA5A818CEB8E9294B4A96676317255D7ACF6049049C933 ] TVALZ           C:\windows\system32\DRIVERS\TVALZ_O.SYS
18:29:57.0404 0x068c  TVALZ - ok
18:29:57.0458 0x068c  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\windows\system32\drivers\uagp35.sys
18:29:57.0466 0x068c  uagp35 - ok
18:29:57.0521 0x068c  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\windows\system32\DRIVERS\udfs.sys
18:29:57.0538 0x068c  udfs - ok
18:29:57.0586 0x068c  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\windows\system32\UI0Detect.exe
18:29:57.0591 0x068c  UI0Detect - ok
18:29:57.0629 0x068c  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\windows\system32\drivers\uliagpkx.sys
18:29:57.0633 0x068c  uliagpkx - ok
18:29:57.0665 0x068c  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\windows\system32\DRIVERS\umbus.sys
18:29:57.0668 0x068c  umbus - ok
18:29:57.0708 0x068c  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\windows\system32\drivers\umpass.sys
18:29:57.0711 0x068c  UmPass - ok
18:29:57.0758 0x068c  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\windows\System32\upnphost.dll
18:29:57.0778 0x068c  upnphost - ok
18:29:57.0794 0x068c  [ 6F1A3157A1C89435352CEB543CDB359C, 325B46220779C5FE3B6F19FF794474837FAB9675D9C98ACB68CCE47B1CFE5F12 ] usbccgp         C:\windows\system32\DRIVERS\usbccgp.sys
18:29:57.0800 0x068c  usbccgp - ok
18:29:57.0822 0x068c  [ AF0892A803FDDA7492F595368E3B68E7, F263346DEB4D742EB436CF578F187AC8521D84CED52E98475E6198EC52244F07 ] usbcir          C:\windows\system32\drivers\usbcir.sys
18:29:57.0829 0x068c  usbcir - ok
18:29:57.0841 0x068c  [ C025055FE7B87701EB042095DF1A2D7B, D7B34B6C2C5BD3C8141895AC21BB637EA5E3C4F7A85EEF4C4C36E6BB2045A3D9 ] usbehci         C:\windows\system32\DRIVERS\usbehci.sys
18:29:57.0845 0x068c  usbehci - ok
18:29:57.0877 0x068c  [ 287C6C9410B111B68B52CA298F7B8C24, 98900C08FE662A00DF8B37837B2BEBF9ACB7989C387AF36B2109B05A4F462D4E ] usbhub          C:\windows\system32\DRIVERS\usbhub.sys
18:29:57.0894 0x068c  usbhub - ok
18:29:57.0907 0x068c  [ 9840FC418B4CBD632D3D0A667A725C31, 776D86A032DCA2842EF7AADB35473193CA80547223EFAA7F110F296C377077B0 ] usbohci         C:\windows\system32\DRIVERS\usbohci.sys
18:29:57.0910 0x068c  usbohci - ok
18:29:57.0930 0x068c  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\windows\system32\drivers\usbprint.sys
18:29:57.0933 0x068c  usbprint - ok
18:29:57.0949 0x068c  [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR         C:\windows\system32\DRIVERS\USBSTOR.SYS
18:29:57.0954 0x068c  USBSTOR - ok
18:29:57.0979 0x068c  [ 62069A34518BCF9C1FD9E74B3F6DB7CD, C58E21424718729324B285BEE1C96551540FCC3FD650B2D10895EBA48D981E25 ] usbuhci         C:\windows\system32\drivers\usbuhci.sys
18:29:57.0982 0x068c  usbuhci - ok
18:29:58.0008 0x068c  [ 454800C2BC7F3927CE030141EE4F4C50, 10901E62DAA70657C499AD590DECCCA6E46FDDF4A193B2F19279E1B8ED7B1E44 ] usbvideo        C:\windows\system32\Drivers\usbvideo.sys
18:29:58.0018 0x068c  usbvideo - ok
18:29:58.0057 0x068c  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\windows\System32\uxsms.dll
18:29:58.0062 0x068c  UxSms - ok
18:29:58.0083 0x068c  [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] VaultSvc        C:\windows\system32\lsass.exe
18:29:58.0086 0x068c  VaultSvc - ok
18:29:58.0116 0x068c  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\windows\system32\drivers\vdrvroot.sys
18:29:58.0119 0x068c  vdrvroot - ok
18:29:58.0165 0x068c  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\windows\System32\vds.exe
18:29:58.0198 0x068c  vds - ok
18:29:58.0222 0x068c  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\windows\system32\DRIVERS\vgapnp.sys
18:29:58.0226 0x068c  vga - ok
18:29:58.0247 0x068c  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\windows\System32\drivers\vga.sys
18:29:58.0250 0x068c  VgaSave - ok
18:29:58.0280 0x068c  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\windows\system32\drivers\vhdmp.sys
18:29:58.0301 0x068c  vhdmp - ok
18:29:58.0340 0x068c  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\windows\system32\drivers\viaide.sys
18:29:58.0343 0x068c  viaide - ok
18:29:58.0362 0x068c  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\windows\system32\drivers\volmgr.sys
18:29:58.0371 0x068c  volmgr - ok
18:29:58.0427 0x068c  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\windows\system32\drivers\volmgrx.sys
18:29:58.0452 0x068c  volmgrx - ok
18:29:58.0487 0x068c  [ DF8126BD41180351A093A3AD2FC8903B, AEFF4AA89CDDAAAD43CDE17C6B6EB2A397A0AC1651CBD51B889161EC2BC6527A ] volsnap         C:\windows\system32\drivers\volsnap.sys
18:29:58.0503 0x068c  volsnap - ok
18:29:58.0569 0x068c  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\windows\system32\drivers\vsmraid.sys
18:29:58.0600 0x068c  vsmraid - ok
18:29:58.0799 0x068c  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\windows\system32\vssvc.exe
18:29:58.0886 0x068c  VSS - ok
18:29:58.0914 0x068c  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\windows\system32\DRIVERS\vwifibus.sys
18:29:58.0916 0x068c  vwifibus - ok
18:29:58.0950 0x068c  [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt        C:\windows\system32\DRIVERS\vwififlt.sys
18:29:58.0955 0x068c  vwififlt - ok
18:29:58.0995 0x068c  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\windows\system32\w32time.dll
18:29:59.0016 0x068c  W32Time - ok
18:29:59.0051 0x068c  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\windows\system32\drivers\wacompen.sys
18:29:59.0054 0x068c  WacomPen - ok
18:29:59.0085 0x068c  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\windows\system32\DRIVERS\wanarp.sys
18:29:59.0090 0x068c  WANARP - ok
18:29:59.0115 0x068c  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\windows\system32\DRIVERS\wanarp.sys
18:29:59.0119 0x068c  Wanarpv6 - ok
18:29:59.0221 0x068c  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc     C:\windows\system32\Wat\WatAdminSvc.exe
18:29:59.0298 0x068c  WatAdminSvc - ok
18:29:59.0404 0x068c  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\windows\system32\wbengine.exe
18:29:59.0497 0x068c  wbengine - ok
18:29:59.0522 0x068c  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\windows\System32\wbiosrvc.dll
18:29:59.0535 0x068c  WbioSrvc - ok
18:29:59.0569 0x068c  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\windows\System32\wcncsvc.dll
18:29:59.0589 0x068c  wcncsvc - ok
18:29:59.0601 0x068c  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\windows\System32\WcsPlugInService.dll
18:29:59.0607 0x068c  WcsPlugInService - ok
18:29:59.0641 0x068c  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\windows\system32\drivers\wd.sys
18:29:59.0644 0x068c  Wd - ok
18:29:59.0706 0x068c  [ 441BD2D7B4F98134C3A4F9FA570FD250, FF20815273014C5A27C2B75E2C70FE674809293627056199F502DFDF4CECFCA1 ] Wdf01000        C:\windows\system32\drivers\Wdf01000.sys
18:29:59.0754 0x068c  Wdf01000 - ok
18:29:59.0805 0x068c  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost  C:\windows\system32\wdi.dll
18:29:59.0813 0x068c  WdiServiceHost - ok
18:29:59.0824 0x068c  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost   C:\windows\system32\wdi.dll
18:29:59.0831 0x068c  WdiSystemHost - ok
18:29:59.0886 0x068c  [ 719AD5D66260CBB4A014719C20868B16, 43EFBD73CBFCAEBDC6E9613F63C1E04FD662B83405847DF7C37DB4279D4C6567 ] WebCakeUpdater  C:\Program Files (x86)\Betcat\WBDesktop.Updater.1.0.0.16.exe
18:29:59.0888 0x068c  WebCakeUpdater - ok
18:29:59.0936 0x068c  [ 3DB6D04E1C64272F8B14EB8BC4616280, 9138642B1C19F895D4ECFD930160C80FBF15813CE63BBF4C899842C300FD3026 ] WebClient       C:\windows\System32\webclnt.dll
18:29:59.0951 0x068c  WebClient - ok
18:29:59.0982 0x068c  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\windows\system32\wecsvc.dll
18:29:59.0997 0x068c  Wecsvc - ok
18:30:00.0015 0x068c  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\windows\System32\wercplsupport.dll
18:30:00.0022 0x068c  wercplsupport - ok
18:30:00.0055 0x068c  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\windows\System32\WerSvc.dll
18:30:00.0062 0x068c  WerSvc - ok
18:30:00.0105 0x068c  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\windows\system32\DRIVERS\wfplwf.sys
18:30:00.0107 0x068c  WfpLwf - ok
18:30:00.0128 0x068c  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\windows\system32\drivers\wimmount.sys
18:30:00.0131 0x068c  WIMMount - ok
18:30:00.0149 0x068c  WinDefend - ok
18:30:00.0169 0x068c  WinHttpAutoProxySvc - ok
18:30:00.0243 0x068c  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\windows\system32\wbem\WMIsvc.dll
18:30:00.0256 0x068c  Winmgmt - ok
18:30:00.0401 0x068c  [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM           C:\windows\system32\WsmSvc.dll
18:30:00.0515 0x068c  WinRM - ok
18:30:00.0659 0x068c  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\windows\system32\DRIVERS\WinUsb.sys
18:30:00.0709 0x068c  WinUsb - ok
18:30:00.0788 0x068c  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\windows\System32\wlansvc.dll
18:30:00.0866 0x068c  Wlansvc - ok
18:30:00.0891 0x068c  Have new async UDS detects: 2
18:30:00.0891 0x068c  nethfdrv - detected UDS:DangerousObject.Multi.Generic ( 0 )
18:30:01.0035 0x068c  nethfdrv ( UDS:DangerousObject.Multi.Generic ) - infected
18:30:01.0035 0x068c  Force sending object to P2P due to detect: nethfdrv
18:30:03.0994 0x068c  Object send P2P result: true
18:30:06.0820 0x068c  NetHttpService - detected UDS:DangerousObject.Multi.Generic ( 0 )
18:30:06.0821 0x068c  NetHttpService ( UDS:DangerousObject.Multi.Generic ) - infected
18:30:06.0821 0x068c  Force sending object to P2P due to detect: NetHttpService
18:30:09.0879 0x068c  Object send P2P result: true
18:30:12.0738 0x068c  [ 06C8FA1CF39DE6A735B54D906BA791C6, D8FEC7DE227781CDA876904701B2AA995268F74DCD6CB34AA0296C557FC283B6 ] wlcrasvc        C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
18:30:12.0745 0x068c  wlcrasvc - ok
18:30:12.0950 0x068c  [ 2BACD71123F42CEA603F4E205E1AE337, 1FEF20554110371D738F462ECFFA999158EFEED02062414C58C1B61C422BF0B9 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
18:30:13.0111 0x068c  wlidsvc - ok
18:30:13.0140 0x068c  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\windows\system32\drivers\wmiacpi.sys
18:30:13.0144 0x068c  WmiAcpi - ok
18:30:13.0186 0x068c  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\windows\system32\wbem\WmiApSrv.exe
18:30:13.0197 0x068c  wmiApSrv - ok
18:30:13.0224 0x068c  WMPNetworkSvc - ok
18:30:13.0261 0x068c  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\windows\System32\wpcsvc.dll
18:30:13.0266 0x068c  WPCSvc - ok
18:30:13.0283 0x068c  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\windows\system32\wpdbusenum.dll
18:30:13.0293 0x068c  WPDBusEnum - ok
18:30:13.0330 0x068c  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\windows\system32\drivers\ws2ifsl.sys
18:30:13.0333 0x068c  ws2ifsl - ok
18:30:13.0354 0x068c  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\windows\System32\wscsvc.dll
18:30:13.0362 0x068c  wscsvc - ok
18:30:13.0371 0x068c  WSearch - ok
18:30:13.0553 0x068c  [ D9EF901DCA379CFE914E9FA13B73B4C4, 3BE9693B7B2AFEE23D72AF5DA211379724D752F0EC18ACB7D3DE3DDFC5AE0004 ] wuauserv        C:\windows\system32\wuaueng.dll
18:30:13.0708 0x068c  wuauserv - ok
18:30:13.0743 0x068c  [ D3381DC54C34D79B22CEE0D65BA91B7C, 70DC4ADCA4C0C28BB133287511E329D1B6B9B97F96CDE5B1D2F1F59FE1A965D9 ] WudfPf          C:\windows\system32\drivers\WudfPf.sys
18:30:13.0750 0x068c  WudfPf - ok
18:30:13.0773 0x068c  [ CF8D590BE3373029D57AF80914190682, FB9641777E90A58C063FBE95F081DC6D2F4770827DE19108A9DC3E3D6B17B4BF ] WUDFRd          C:\windows\system32\DRIVERS\WUDFRd.sys
18:30:13.0783 0x068c  WUDFRd - ok
18:30:13.0823 0x068c  [ 7A95C95B6C4CF292D689106BCAE49543, 9029F489E1E817CE12839B8C6656E46190497D445DC3F43C20CF96E5E6BD0691 ] wudfsvc         C:\windows\System32\WUDFSvc.dll
18:30:13.0830 0x068c  wudfsvc - ok
18:30:13.0858 0x068c  [ 9A3452B3C2A46C073166C5CF49FAD1AE, D6F95F51D8E37BA4CF403965EC08CCFEEA9EEFDBFC7752432EAEC19925BDA115 ] WwanSvc         C:\windows\System32\wwansvc.dll
18:30:13.0873 0x068c  WwanSvc - ok
18:30:13.0899 0x068c  ================ Scan global ===============================
18:30:13.0921 0x068c  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\windows\system32\basesrv.dll
18:30:13.0953 0x068c  [ EB6A48CC998E1090E44E8E7F1009A640, 94001F8AEB2A398E7C267C90183ABED2AFA6FC4C219027C861C6C1329093464A ] C:\windows\system32\winsrv.dll
18:30:13.0982 0x068c  [ EB6A48CC998E1090E44E8E7F1009A640, 94001F8AEB2A398E7C267C90183ABED2AFA6FC4C219027C861C6C1329093464A ] C:\windows\system32\winsrv.dll
18:30:14.0025 0x068c  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\windows\system32\sxssrv.dll
18:30:14.0069 0x068c  [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\windows\system32\services.exe
18:30:14.0088 0x068c  [ Global ] - ok
18:30:14.0089 0x068c  ================ Scan MBR ==================================
18:30:14.0100 0x068c  [ 5B5E648D12FCADC244C1EC30318E1EB9 ] \Device\Harddisk0\DR0
18:30:14.0498 0x068c  \Device\Harddisk0\DR0 - ok
18:30:14.0499 0x068c  ================ Scan VBR ==================================
18:30:14.0509 0x068c  [ 0E8181833307AF9717CE06CA6178D97C ] \Device\Harddisk0\DR0\Partition1
18:30:14.0514 0x068c  \Device\Harddisk0\DR0\Partition1 - ok
18:30:14.0516 0x068c  ================ Scan generic autorun ======================
18:30:14.0747 0x068c  [ BC51263DEF5774BF213BFA05AE046705, 0C806870985CCE346BB891866B038DFE89BE90E55657442D6E74E1DC02730A91 ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
18:30:14.0770 0x068c  StartCCC - ok
18:30:14.0853 0x068c  [ 1705B6E6E1D883965F32C7D3B8E78CE6, 8C7208DB10158087FD6CFA3AB439AE4C403BE3FF7689CAB79C4ED5C7A44A65C2 ] C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe
18:30:14.0929 0x068c  ToshibaServiceStation - ok
18:30:15.0126 0x068c  [ 02F4246866BF35BF2244E5CF72E25895, AA08D3E65CCF6F4F79D169575C9B4FE8BA078246BFB30C380939A4A3B6092074 ] C:\Program Files (x86)\Toshiba\Toshiba Online Backup\Activation\TOBuActivation.exe
18:30:15.0294 0x068c  NortonOnlineBackupReminder - ok
18:30:15.0360 0x068c  [ 2D7816ACDA1CC85C873CBC19A4121D58, 3F3E41EBEF81DB8C2A84A8E75D1E4852046A10A5DCB8CCCC2ADF7FD0DC8EEF66 ] C:\Program Files (x86)\Toshiba\Toshiba App Place\ToshibaAppPlace.exe
18:30:15.0393 0x068c  ToshibaAppPlace - ok
18:30:15.0465 0x068c  [ CF5C8F79801409BE862F88439CB5A323, 2E36117149BA27463F4EFA477DF42196C9082CE5AB47EA6D7DE08AC4EE8B5554 ] C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe
18:30:15.0470 0x068c  SSDMonitor - ok
18:30:15.0550 0x068c  [ 1422C6F105573878714FE7274E0E4E94, 0CBEDD93D1321296B04FA75ABC5F496C95C5164E61B1EEF63E09F34162502FAC ] C:\Program Files (x86)\AVG Secure Search\vprot.exe
18:30:15.0603 0x068c  vProt - ok
18:30:15.0737 0x068c  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
18:30:15.0789 0x068c  Sidebar - ok
18:30:15.0827 0x068c  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
18:30:15.0834 0x068c  mctadmin - ok
18:30:15.0897 0x068c  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
18:30:15.0942 0x068c  Sidebar - ok
18:30:15.0957 0x068c  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
18:30:15.0964 0x068c  mctadmin - ok
18:30:16.0947 0x068c  [ DF055D5EF7C0510089436933CD08321B, 6C8B9F0F8BD995B02B022ED9C3C170C3C7DCA555CD78B47571581E6EF1B19DDE ] C:\Program Files (x86)\Skype\Phone\Skype.exe
18:30:17.0705 0x068c  Skype - ok
18:30:17.0931 0x068c  [ 992DF12CB4DC0D3D6F82265CA58FF21F, C9F7ACB45F0D9B6E0B6AA4697550DD3E7C4E40CC97AA48F29C227112F6816925 ] C:\Users\Innes\AppData\Roaming\Genieo\Application\Updater\bin\genupdater.exe
18:30:17.0947 0x068c  GenieoUpdaterService - ok
18:30:18.0038 0x068c  [ 3E124BE177B50F89106A8AC4D80512A9, A5BB815CC884CB784AE040DE54AECA84F2D5C6EBA5D56E8693E4FD41EFBFD9E6 ] C:\Users\Innes\AppData\Roaming\Genieo\Application\TrayUi\bin\gentray.exe
18:30:18.0062 0x068c  GenieoSystemTray - ok
18:30:18.0109 0x068c  [ 5D61BE7DB55B026A5D61A3EED09D0EAD, D32CC7B31A6F98C60ABC313ABC7D1143681F72DE2BB2604711A0BA20710CAAAE ] C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
18:30:18.0111 0x068c  swg - ok
18:30:18.0178 0x068c  [ 5AB8DB8F9CADBFBB3C132E8316FE337E, 18111E333A0EDCBD5A645164DB571E35E2319A250CBFA75616049786E27A9D1A ] C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
18:30:18.0233 0x068c  GoogleChromeAutoLaunch_3E5DBCA7DE952ED603C5534E2C6D6B63 - ok
18:30:18.0305 0x068c  [ 0A8D38A71226F2DED4C2687257009461, C198280636F0F7408B31D2B4016E8604BF1DD2AF2C0DF290A02B39A9B52EF16F ] C:\Program Files (x86)\Optimizer Pro\OptProLauncher.exe
18:30:18.0319 0x068c  Optimizer Pro - ok
18:30:18.0353 0x068c  [ 12336775941D49CE6A4D6F391CB5E02F, 055788EB475E7AC5EA2E03383D3F95BCC88D62F06E4456A5F5DD6B9E78506AB5 ] C:\Users\Innes\AppData\Roaming\Movdap\WebCakeDesktop.exe
18:30:18.0356 0x068c  WebCake Desktop - ok
18:30:18.0449 0x068c  [ 51138BEEA3E2C21EC44D0932C71762A8, 5AD3C37E6F2B9DB3EE8B5AEEDC474645DE90C66E3D95F8620C48102F1EBA4124 ] C:\windows\SysWOW64\Rundll32.exe
18:30:18.0453 0x068c  TBHostSupport - ok
18:30:18.0466 0x068c  [ 51138BEEA3E2C21EC44D0932C71762A8, 5AD3C37E6F2B9DB3EE8B5AEEDC474645DE90C66E3D95F8620C48102F1EBA4124 ] C:\windows\SysWOW64\Rundll32.exe
18:30:18.0471 0x068c  APISupport - ok
18:30:18.0482 0x068c  [ 51138BEEA3E2C21EC44D0932C71762A8, 5AD3C37E6F2B9DB3EE8B5AEEDC474645DE90C66E3D95F8620C48102F1EBA4124 ] C:\windows\SysWOW64\Rundll32.exe
18:30:18.0487 0x068c  BackgroundContainerV2 - ok
18:30:18.0494 0x068c  Waiting for KSN requests completion. In queue: 33
18:30:19.0494 0x068c  Waiting for KSN requests completion. In queue: 33
18:30:20.0494 0x068c  Waiting for KSN requests completion. In queue: 33
18:30:21.0495 0x068c  Waiting for KSN requests completion. In queue: 31
18:30:22.0732 0x068c  AV detected via SS2: Norton Internet Security, C:\Program Files (x86)\Norton Internet Security\Engine\19.7.1.5\WSCStub.exe ( 19.7.0.0 ), 0x50010 ( disabled : outofdate )
18:30:22.0738 0x068c  FW detected via SS2: Norton Internet Security, C:\Program Files (x86)\Norton Internet Security\Engine\19.7.1.5\WSCStub.exe ( 19.7.0.0 ), 0x50010 ( disabled )
18:30:22.0775 0x068c  Win FW state via NFP2: enabled
18:30:25.0613 0x068c  ============================================================
18:30:25.0613 0x068c  Scan finished
18:30:25.0613 0x068c  ============================================================
18:30:25.0648 0x1334  Detected object count: 2
18:30:25.0648 0x1334  Actual detected object count: 2
18:31:18.0182 0x1334  C:\windows\system32\drivers\nethfdrv.sys - copied to quarantine
18:31:18.0184 0x1334  HKLM\SYSTEM\ControlSet001\services\nethfdrv - will be deleted on reboot
18:31:18.0217 0x1334  HKLM\SYSTEM\ControlSet002\services\nethfdrv - will be deleted on reboot
18:31:18.0377 0x1334  C:\windows\system32\drivers\nethfdrv.sys - will be deleted on reboot
18:31:18.0377 0x1334  nethfdrv ( UDS:DangerousObject.Multi.Generic ) - User select action: Delete 
18:31:18.0474 0x1334  C:\windows\SysWOW64\nethtsrv.exe - copied to quarantine
18:31:18.0475 0x1334  HKLM\SYSTEM\ControlSet001\services\NetHttpService - will be deleted on reboot
18:31:18.0483 0x1334  HKLM\SYSTEM\ControlSet002\services\NetHttpService - will be deleted on reboot
18:31:18.0495 0x1334  C:\windows\SysWOW64\nethtsrv.exe - will be deleted on reboot
18:31:18.0495 0x1334  NetHttpService ( UDS:DangerousObject.Multi.Generic ) - User select action: Delete 
18:31:19.0511 0x1334  KLMD registered as C:\windows\system32\drivers\81400216.sys
18:31:23.0812 0x11d0  Deinitialize success
 
TDSS Killer Log # 2 (This appeared after I rebooted the computer)
 
18:33:32.0901 0x0d60  TDSS rootkit removing tool 3.0.0.40 Jul 10 2014 12:37:58
18:33:34.0071 0x0d60  ============================================================
18:33:34.0071 0x0d60  Current date / time: 2014/10/09 18:33:34.0071
18:33:34.0071 0x0d60  SystemInfo:
18:33:34.0071 0x0d60  
18:33:34.0071 0x0d60  OS Version: 6.1.7601 ServicePack: 1.0
18:33:34.0071 0x0d60  Product type: Workstation
18:33:34.0071 0x0d60  ComputerName: TCHUME
18:33:34.0071 0x0d60  UserName: Innes
18:33:34.0071 0x0d60  Windows directory: C:\windows
18:33:34.0071 0x0d60  System windows directory: C:\windows
18:33:34.0071 0x0d60  Running under WOW64
18:33:34.0071 0x0d60  Processor architecture: Intel x64
18:33:34.0071 0x0d60  Number of processors: 2
18:33:34.0071 0x0d60  Page size: 0x1000
18:33:34.0071 0x0d60  Boot type: Normal boot
18:33:34.0071 0x0d60  ============================================================
18:33:34.0086 0x0d60  BG loaded
18:33:40.0217 0x0d60  System UUID: {6BF95E0D-6768-C6F7-2346-DB6E00181612}
18:33:45.0163 0x0d60  Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 ( 298.09 Gb ), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
18:33:45.0256 0x0d60  ============================================================
18:33:45.0256 0x0d60  \Device\Harddisk0\DR0:
18:33:45.0537 0x0d60  MBR partitions:
18:33:45.0537 0x0d60  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2EE800, BlocksNum 0x235D7000
18:33:45.0537 0x0d60  ============================================================
18:33:46.0629 0x0d60  C: <-> \Device\Harddisk0\DR0\Partition1
18:33:46.0629 0x0d60  ============================================================
18:33:46.0629 0x0d60  Initialize success
18:33:46.0629 0x0d60  ============================================================
 


#5 RushSonic

RushSonic
  • Topic Starter

  • Members
  • 67 posts
  • OFFLINE
  •  
  • Local time:03:33 AM

Posted 09 October 2014 - 09:40 PM

ADWCleaner log

 

# AdwCleaner v3.311 - Report created 09/10/2014 at 18:48:24
# Updated 30/09/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Innes - TCHUME
# Running from : C:\Users\Innes\Desktop\AdwCleaner.exe
# Option : Clean
 
***** [ Services ] *****
 
Service Deleted : BackupStack
[#] Service Deleted : BrowserDefendert
Service Deleted : CltMngSvc
[#] Service Deleted : DefaultTabSearch
Service Deleted : DefaultTabUpdate
Service Deleted : ServiceUpdater
Service Deleted : SPPD
Service Deleted : TBSrv
[#] Service Deleted : WebCakeUpdater
 
***** [ Files / Folders ] *****
 
Folder Deleted : C:\ProgramData\AVG Secure Search
Folder Deleted : C:\ProgramData\Babylon
Folder Deleted : C:\ProgramData\BrowserDefender
Folder Deleted : C:\ProgramData\ParetoLogic
Folder Deleted : C:\ProgramData\Tarma Installer
Folder Deleted : C:\ProgramData\WeCareReminder
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Optimizer Pro
Folder Deleted : C:\Program Files (x86)\AVG Secure Search
Folder Deleted : C:\Program Files (x86)\Betcat
Folder Deleted : C:\Program Files (x86)\BetterSurf
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Program Files (x86)\defaulttab
Folder Deleted : C:\Program Files (x86)\Delta
Folder Deleted : C:\Program Files (x86)\Movdap
Folder Deleted : C:\Program Files (x86)\MyPC Backup
Folder Deleted : C:\Program Files (x86)\Optimizer Pro
Folder Deleted : C:\Program Files (x86)\ParetoLogic
Folder Deleted : C:\Program Files (x86)\SearchProtect
Folder Deleted : C:\Program Files (x86)\Tbccint
Folder Deleted : C:\Program Files (x86)\Web Cake
Folder Deleted : C:\Program Files (x86)\WebexpEnhancedV1
Folder Deleted : C:\Program Files (x86)\WhiteSmoke_New
Folder Deleted : C:\Program Files (x86)\Common Files\AVG Secure Search
Folder Deleted : C:\Program Files (x86)\Common Files\ParetoLogic
Folder Deleted : C:\Users\Innes\AppData\Local\Conduit
Folder Deleted : C:\Users\Innes\AppData\Local\DefineExt
Folder Deleted : C:\Users\Innes\AppData\Local\getsav-in
Folder Deleted : C:\Users\Innes\AppData\Local\NativeMessaging
Folder Deleted : C:\Users\Innes\AppData\Local\SearchProtect
Folder Deleted : C:\Users\Innes\AppData\Local\SwvUpdater
Folder Deleted : C:\Users\Innes\AppData\Local\TBHostSupport
Folder Deleted : C:\Users\Innes\AppData\Local\WhiteListing
Folder Deleted : C:\Users\Innes\AppData\Local\Temp\mt_ffx
Folder Deleted : C:\Users\Innes\AppData\Local\Temp\WhiteSmoke_New
Folder Deleted : C:\Users\Innes\AppData\LocalLow\AVG Secure Search
Folder Deleted : C:\Users\Innes\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Innes\AppData\LocalLow\Delta
Folder Deleted : C:\Users\Innes\AppData\LocalLow\PriceGong
Folder Deleted : C:\Users\Innes\AppData\LocalLow\WhiteSmoke_New
Folder Deleted : C:\Users\Innes\AppData\Roaming\BabSolution
Folder Deleted : C:\Users\Innes\AppData\Roaming\Babylon
Folder Deleted : C:\Users\Innes\AppData\Roaming\defaulttab
Folder Deleted : C:\Users\Innes\AppData\Roaming\Delta
Folder Deleted : C:\Users\Innes\AppData\Roaming\DriverCure
Folder Deleted : C:\Users\Innes\AppData\Roaming\Movdap
Folder Deleted : C:\Users\Innes\AppData\Roaming\Optimizer Pro
Folder Deleted : C:\Users\Innes\AppData\Roaming\ParetoLogic
Folder Deleted : C:\Users\Innes\AppData\Roaming\registry mechanic
Folder Deleted : C:\Users\Innes\AppData\Roaming\Web Cake
Folder Deleted : C:\Users\Innes\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup
Folder Deleted : C:\Users\Innes\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ParetoLogic
Folder Deleted : C:\Users\Public\Util
Folder Deleted : C:\Users\Innes\AppData\Local\Google\Chrome\User Data\Default\Extensions\bcjagnifjocnddgeknajocbkkhlgibem
Folder Deleted : C:\Users\Innes\AppData\Local\Google\Chrome\User Data\Default\Extensions\dedmngkbaffkenlfdcbganndoghblmap
Folder Deleted : C:\Users\Innes\AppData\Local\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde
Folder Deleted : C:\Users\Innes\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjoijdanhaiflhibkljeklcghcmmfffh
Folder Deleted : C:\Users\Innes\AppData\Local\Google\Chrome\User Data\Default\Extensions\gjkpcnacdgdlpfejlgflolpaigoicibh
Folder Deleted : C:\Users\Innes\AppData\Local\Google\Chrome\User Data\Default\Extensions\ippkomaaonokjnfjoikaemidanojkfmm
Folder Deleted : C:\Users\Innes\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc
Folder Deleted : C:\Users\Innes\AppData\Local\Google\Chrome\User Data\Default\Extensions\klibnahbojhkanfgaglnlalfkgpcppfi
Folder Deleted : C:\Users\Innes\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk
Folder Deleted : C:\Users\Innes\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjildcbkilmkddbbpbjljljdmmlfeppl
[!] Folder Deleted : C:\Users\Innes\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk
[!] Folder Deleted : C:\Users\Innes\AppData\Local\Google\Chrome\User Data\Default\Extensions\klibnahbojhkanfgaglnlalfkgpcppfi
File Deleted : C:\Users\Innes\AppData\Local\CRE\klibnahbojhkanfgaglnlalfkgpcppfi.crx
File Deleted : C:\END
File Deleted : C:\windows\SysWOW64\hfpapi.dll
File Deleted : C:\windows\SysWOW64\installd.exe
File Deleted : C:\windows\SysWOW64\netupdsrv.exe
File Deleted : C:\Users\Innes\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk
File Deleted : C:\Users\Innes\Desktop\MyPC Backup.lnk
File Deleted : C:\Users\Innes\Desktop\Optimizer Pro.lnk
File Deleted : C:\Users\Innes\Desktop\Sync Folder.lnk
File Deleted : C:\Users\Innes\AppData\Local\Google\Chrome\User Data\Default\bProtector Web Data
File Deleted : C:\Users\Innes\AppData\Local\Google\Chrome\User Data\Default\bprotectorpreferences
File Deleted : C:\Users\Innes\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_eooncjejnppfjjklapaamhcdmjbilmde_0.localstorage
File Deleted : C:\Users\Innes\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_app.mam.conduit.com_0.localstorage
File Deleted : C:\Users\Innes\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_app.mam.conduit.com_0.localstorage-journal
File Deleted : C:\Users\Innes\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_facebook.conduitapps.com_0.localstorage
File Deleted : C:\Users\Innes\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_facebook.conduitapps.com_0.localstorage-journal
File Deleted : C:\Users\Innes\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_fastcontent.conduit.com_0.localstorage
File Deleted : C:\Users\Innes\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_fastcontent.conduit.com_0.localstorage-journal
File Deleted : C:\Users\Innes\AppData\Local\Google\Chrome\user data\default\local storage\hxxp_pricegong.conduitapps.com_0.localstorage
File Deleted : C:\Users\Innes\AppData\Local\Google\Chrome\user data\default\local storage\hxxp_pricegong.conduitapps.com_0.localstorage-journal
File Deleted : C:\Users\Innes\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_search.conduit.com_0.localstorage
File Deleted : C:\Users\Innes\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_search.conduit.com_0.localstorage-journal
File Deleted : C:\Users\Innes\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.boostsaves.com_0.localstorage
File Deleted : C:\Users\Innes\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.boostsaves.com_0.localstorage-journal
File Deleted : C:\Users\Innes\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_storage.conduit.com_0.localstorage
File Deleted : C:\Users\Innes\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_storage.conduit.com_0.localstorage-journal
File Deleted : C:\Users\Innes\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage
File Deleted : C:\Users\Innes\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journal
File Deleted : C:\Users\Innes\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.boostsaves.com_0.localstorage
File Deleted : C:\Users\Innes\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.boostsaves.com_0.localstorage-journal
 
***** [ Scheduled Tasks ] *****
 
Task Deleted : AmiUpdXp
Task Deleted : BrowserDefendert
Task Deleted : DTChk
Task Deleted : DTReg
Task Deleted : EPUpdater
Task Deleted : LaunchSignup
Task Deleted : paretologic registration3
Task Deleted : paretologic update version3
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [xz123@ya456.com]
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\bcjagnifjocnddgeknajocbkkhlgibem
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\dedmngkbaffkenlfdcbganndoghblmap
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\eooncjejnppfjjklapaamhcdmjbilmde
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\fjoijdanhaiflhibkljeklcghcmmfffh
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ippkomaaonokjnfjoikaemidanojkfmm
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc
Key Deleted : HKCU\Software\Google\Chrome\Extensions\klibnahbojhkanfgaglnlalfkgpcppfi
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\klibnahbojhkanfgaglnlalfkgpcppfi
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\conduit.com
Key Deleted : HKCU\Software\MICROSOFT\INTERNET EXPLORER\DOMSTORAGE\superfish.com
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Main [bprotector start page]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [bProtectorDefaultScope]
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [APISupport]
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [BackgroundContainerV2]
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Optimizer Pro]
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [TBHostSupport]
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [WebCake Desktop]
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\AddonsFramework.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ButtonSite.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\DefaultTabBHO.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\IEHelperv2.5.0.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\PropertySync.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHost.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\WebCakeIEClient.DLL
Key Deleted : HKLM\SOFTWARE\Classes\d
Key Deleted : HKLM\SOFTWARE\Classes\DefaultTabBHO.DefaultTabBrowser
Key Deleted : HKLM\SOFTWARE\Classes\DefaultTabBHO.DefaultTabBrowser.1
Key Deleted : HKLM\SOFTWARE\Classes\DefaultTabBHO.DefaultTabBrowserActiveX
Key Deleted : HKLM\SOFTWARE\Classes\DefaultTabBHO.DefaultTabBrowserActiveX.1
Key Deleted : HKLM\SOFTWARE\Classes\delta.deltaappCore
Key Deleted : HKLM\SOFTWARE\Classes\delta.deltaappCore.1
Key Deleted : HKLM\SOFTWARE\Classes\delta.deltadskBnd
Key Deleted : HKLM\SOFTWARE\Classes\delta.deltadskBnd.1
Key Deleted : HKLM\SOFTWARE\Classes\delta.deltaHlpr
Key Deleted : HKLM\SOFTWARE\Classes\delta.deltaHlpr.1
Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane
Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
Key Deleted : HKLM\SOFTWARE\Classes\esrv.deltaESrvc
Key Deleted : HKLM\SOFTWARE\Classes\esrv.deltaESrvc.1
Key Deleted : HKLM\SOFTWARE\Classes\IEHelperv250.WeCareReminder
Key Deleted : HKLM\SOFTWARE\Classes\IEHelperv250.WeCareReminder.1
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Key Deleted : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHost.Tool
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHost.Tool.1
Key Deleted : HKLM\SOFTWARE\Classes\Updater.AmiUpd
Key Deleted : HKLM\SOFTWARE\Classes\Updater.AmiUpd.1
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Key Deleted : HKLM\SOFTWARE\Classes\WebCakeIEClient.Api
Key Deleted : HKLM\SOFTWARE\Classes\WebCakeIEClient.Api.1
Key Deleted : HKLM\SOFTWARE\Classes\WebCakeIEClient.Layers
Key Deleted : HKLM\SOFTWARE\Classes\WebCakeIEClient.Layers.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\BabMaint_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\BabMaint_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\biclient_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\biclient_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyDeltaTB_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyDeltaTB_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\optimizerpro_rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\optimizerpro_rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\optprostart_rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\optprostart_rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\mypc backup
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\webcakeupdater
Key Deleted : HKCU\Software\5c28c8de66dbd40
Key Deleted : HKLM\SOFTWARE\5c28c8de66dbd40
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3289847
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{18B9B16E-716F-43DF-A6AD-512C7D2EB983}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{19975B78-1907-4DD6-A437-4C48120F46A4}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{38495740-0035-4471-851E-F5BBB86AB085}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{39CB8175-E224-4446-8746-00566302DF8D}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4FBBF769-ECEB-420A-B536-133B1D505C36}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{562B9316-C08A-444A-9482-62080DD851AE}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{562B9317-C08A-444A-9482-62080DD851AE}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{7169BBB3-3289-4696-B35D-4A88BCF6FB12}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{72D89EBF-0C5D-4190-91FD-398E45F1D007}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{261DD098-8A3E-43D4-87AA-63324FA897D8}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2A5A2A90-3B30-4E6E-A955-2F232C6EF517}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4FCB4630-2A1C-4AA1-B422-345E8DC8A6DE}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{67BD9EEB-AA06-4329-A940-D250019300C9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E3C6B04-08FE-43BC-8E50-F90285024DEA}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{82E1477C-B154-48D3-9891-33D83C26BCD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{86838207-681D-469D-9511-D0DCC6F19F9B}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A1E28287-1A31-4B0F-8D05-AA8C465D3C5A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AF6B0594-6008-4327-93E5-608AD710A6FA}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B78F92C8-DEB3-11E2-9A0A-FB64281D6ADE}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{BB975E58-E769-4E5A-BA12-B765BC559FF3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DF84E609-C3A4-49CB-A160-61767DAF8899}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E97A663B-81A6-49C5-A6D3-BCB05BA1DE26}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F511AFDB-726E-4458-90E7-1ECB97406544}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F773BB94-6C19-4643-A570-0E429103D1C3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{739DF940-C5EE-4BAB-9D7E-270894AE687A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1BB8B3AE-757D-443F-B3A4-0629E709B0D9}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{045F91B3-695F-423A-98C7-8DE3C47AA020}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0AFD55C8-ADF8-4A33-A6E1-DEDB7A36AEB4}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1231839B-064E-4788-B865-465A1B5266FD}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1348BD1B-C32A-41A7-9BD4-5377AA1AB925}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1F8EDE97-36D5-422A-B8F0-9406E2D87C60}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2DAC2231-CC35-482B-97C5-CED1D4185080}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{395AFE6E-8308-48DB-89BE-ED5F4AA3D3EC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3F1CD84C-04A3-4EA0-9EA1-7D134FD66C82}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3F83A9CA-B5F0-44EC-9357-35BB3E84B07F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{43969E3F-3E7C-4911-A8F1-79C6CA6AC731}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{43B390F0-6BA2-45CA-ABF2-5DB0CEE9B49D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{462862BE-9A5C-49A5-9CBD-A649EAC63645}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{47E520EA-CAD2-4F51-8F30-613B3A1C33EB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{57C91446-8D81-4156-A70E-624551442DE9}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{70AFB7B2-9FB5-4A70-905B-0E9576142E1D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7AD65FD1-79E0-406D-B03C-DD7C14726D69}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{93CF54F5-CFAA-4440-B588-8ED0DFAD5C21}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{94CADA2E-1D3F-419F-8A3D-06C58EDF53C8}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{97DD820D-2E20-40AD-B01E-6730B2FCE630}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E52EB8B-8DD9-4605-AD36-D352BCD482F2}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A1440EC3-F0FA-407A-B811-DE6668C06D29}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B177446D-54A4-4869-BABC-8566110B4BE0}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B9A84AD0-5777-46FD-8B8F-1EBD06750FBC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C1995F88-1C7F-40D7-B0FA-6F107F6308B8}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C815E3DA-0823-49B0-9270-D1771D58B317}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D3BC53E7-0437-4C97-90EE-2CD6FF47FB14}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D9D1DFC5-502D-43E4-B1BB-4D0B7841489A}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DF84E609-C3A4-49CB-A160-61767DAF8899}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E0B07188-A528-4F9E-B2F7-C7FDE8680AE4}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E4A994B0-5550-4680-A4C6-B9470B888069}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EE95078D-518C-4FD2-8093-FD1D4E33D3CA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F05B12E1-ADE8-4485-B45B-898748B53C37}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F773BB94-6C19-4643-A570-0E429103D1C3}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F9EB11AB-9384-4736-9B33-993940F88895}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{0113A098-06EA-4776-A011-D75590778F1E}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{39CB8175-E224-4446-8746-00566302DF8D}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4599D05A-D545-4069-BB42-5895B4EAE05B}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A0EE0278-2986-4E5A-884E-A3BF0357E476}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{B12920CF-BE13-4C09-890D-1B6EFFFE2FBE}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{EFDF368C-8DD9-4E05-87CD-16AA5CB03CB8}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{FEB62B15-CC00-4736-AAEC-BA046C9DFF73}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2A5A2A90-3B30-4E6E-A955-2F232C6EF517}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6E3C6B04-08FE-43BC-8E50-F90285024DEA}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B78F92C8-DEB3-11E2-9A0A-FB64281D6ADE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{739DF940-C5EE-4BAB-9D7E-270894AE687A}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2A5A2A90-3B30-4E6E-A955-2F232C6EF517}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6E3C6B04-08FE-43BC-8E50-F90285024DEA}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{82E1477C-B154-48D3-9891-33D83C26BCD3}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A1E28287-1A31-4B0F-8D05-AA8C465D3C5A}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AF6B0594-6008-4327-93E5-608AD710A6FA}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B78F92C8-DEB3-11E2-9A0A-FB64281D6ADE}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{739DF940-C5EE-4BAB-9D7E-270894AE687A}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1BB8B3AE-757D-443F-B3A4-0629E709B0D9}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2A5A2A90-3B30-4E6E-A955-2F232C6EF517}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{6E3C6B04-08FE-43BC-8E50-F90285024DEA}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{82E1477C-B154-48D3-9891-33D83C26BCD3}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{B78F92C8-DEB3-11E2-9A0A-FB64281D6ADE}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{739DF940-C5EE-4BAB-9D7E-270894AE687A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A1E28287-1A31-4B0F-8D05-AA8C465D3C5A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{AF6B0594-6008-4327-93E5-608AD710A6FA}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1BB8B3AE-757D-443F-B3A4-0629E709B0D9}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{348C2DF3-1191-4C3E-92A6-B3A89A9D9C85}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AC5B6CDA-8F90-4740-9A8C-28AC5D3C73FE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DC0A136F-6AAB-46AB-8D82-95A9C3E68AA0}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7948FACE-AA45-4913-B672-8C948CA7F9D0}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{82E1477C-B154-48D3-9891-33D83C26BCD3}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{739DF940-C5EE-4BAB-9D7E-270894AE687A}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{739DF940-C5EE-4BAB-9D7E-270894AE687A}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{739DF940-C5EE-4BAB-9D7E-270894AE687A}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{739DF940-C5EE-4BAB-9D7E-270894AE687A}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{045F91B3-695F-423A-98C7-8DE3C47AA020}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{0AFD55C8-ADF8-4A33-A6E1-DEDB7A36AEB4}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{1231839B-064E-4788-B865-465A1B5266FD}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{1348BD1B-C32A-41A7-9BD4-5377AA1AB925}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{1F8EDE97-36D5-422A-B8F0-9406E2D87C60}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{2DAC2231-CC35-482B-97C5-CED1D4185080}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{395AFE6E-8308-48DB-89BE-ED5F4AA3D3EC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3F1CD84C-04A3-4EA0-9EA1-7D134FD66C82}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3F83A9CA-B5F0-44EC-9357-35BB3E84B07F}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{43969E3F-3E7C-4911-A8F1-79C6CA6AC731}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{43B390F0-6BA2-45CA-ABF2-5DB0CEE9B49D}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{462862BE-9A5C-49A5-9CBD-A649EAC63645}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{47E520EA-CAD2-4F51-8F30-613B3A1C33EB}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{57C91446-8D81-4156-A70E-624551442DE9}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{70AFB7B2-9FB5-4A70-905B-0E9576142E1D}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{7AD65FD1-79E0-406D-B03C-DD7C14726D69}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{93CF54F5-CFAA-4440-B588-8ED0DFAD5C21}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{94CADA2E-1D3F-419F-8A3D-06C58EDF53C8}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{97DD820D-2E20-40AD-B01E-6730B2FCE630}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9E52EB8B-8DD9-4605-AD36-D352BCD482F2}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{A1440EC3-F0FA-407A-B811-DE6668C06D29}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{B177446D-54A4-4869-BABC-8566110B4BE0}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{B9A84AD0-5777-46FD-8B8F-1EBD06750FBC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C1995F88-1C7F-40D7-B0FA-6F107F6308B8}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C815E3DA-0823-49B0-9270-D1771D58B317}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D3BC53E7-0437-4C97-90EE-2CD6FF47FB14}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D54C859C-6066-4F31-8FE0-2AAEDCAE67D7}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D9D1DFC5-502D-43E4-B1BB-4D0B7841489A}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{DF84E609-C3A4-49CB-A160-61767DAF8899}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E0B07188-A528-4F9E-B2F7-C7FDE8680AE4}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E4A994B0-5550-4680-A4C6-B9470B888069}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EE95078D-518C-4FD2-8093-FD1D4E33D3CA}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{F05B12E1-ADE8-4485-B45B-898748B53C37}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{F9EB11AB-9384-4736-9B33-993940F88895}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : HKCU\Software\AVG Secure Search
Key Deleted : HKCU\Software\BABSOLUTION
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\Conduit_Search_Protect
Key Deleted : HKCU\Software\DataMngr
[#] Key Deleted : HKCU\Software\DataMngr_Toolbar
Key Deleted : HKCU\Software\Default Tab
Key Deleted : HKCU\Software\DefaultTab
Key Deleted : HKCU\Software\Delta
Key Deleted : HKCU\Software\InstallCore
Key Deleted : HKCU\Software\Optimizer Pro
Key Deleted : HKCU\Software\ParetoLogic
Key Deleted : HKCU\Software\Tbccint_HKLM
Key Deleted : HKCU\Software\wecarereminder
Key Deleted : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKCU\Software\AppDataLow\Toolbar
Key Deleted : HKCU\Software\AppDataLow\Software\BackgroundContainer
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Deleted : HKCU\Software\AppDataLow\Software\DefaultTab
Key Deleted : HKCU\Software\AppDataLow\Software\PriceGong
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKCU\Software\AppDataLow\Software\WhiteSmoke_New
Key Deleted : HKLM\SOFTWARE\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKLM\SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Key Deleted : HKLM\SOFTWARE\AVG Secure Search
Key Deleted : HKLM\SOFTWARE\BetterSurf
Key Deleted : HKLM\SOFTWARE\Conduit
Key Deleted : HKLM\SOFTWARE\DataMngr
Key Deleted : HKLM\SOFTWARE\Default Tab
Key Deleted : HKLM\SOFTWARE\DefaultTab
Key Deleted : HKLM\SOFTWARE\Delta
Key Deleted : HKLM\SOFTWARE\Freeze.com
Key Deleted : HKLM\SOFTWARE\ParetoLogic
Key Deleted : HKLM\SOFTWARE\SearchProtect
Key Deleted : HKLM\SOFTWARE\WhiteSmoke_New
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DefaultTab Chrome
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DefaultTab
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Delta Chrome Toolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Delta
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\inethnfd
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Optimizer Pro_is1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WhiteSmoke_New Toolbar
Key Deleted : [x64] HKLM\SOFTWARE\DomaIQ
Key Deleted : [x64] HKLM\SOFTWARE\Tarma Installer
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C4ED781C-7394-4906-AAFF-D6AB64FF7C38}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MyPC Backup
Data Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll
Data Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - c:\progra~2\optimi~1\optpro~1.dll
Data Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v9.0.8112.16447
 
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
 
-\\ Google Chrome v37.0.2062.124
 
[ File : C:\Users\Innes\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
Deleted [Search Provider] : hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3322295&octid=EB_ORIGINAL_CTID&ISID=M9B202E27-C4E9-4C98-9AA6-4B336D466C1B&SearchSource=58&CUI=&UM=6&UP=SP498247FC-A809-4E74-95FB-227B20BDF228&q={searchTerms}&SSPV=
Deleted [Search Provider] : hxxp://search.aol.com/aol/search?q={searchTerms}
Deleted [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}
Deleted [Startup_urls] : hxxp://search.conduit.com/?ctid=CT3289847&SearchSource=48&CUI=UN38388784623041017&UM=2&sspv=&UP=SP498247FC-A809-4E74-95FB-227B20BDF228
Deleted [Homepage] : hxxp://search.conduit.com/?ctid=CT3289847&SearchSource=48&CUI=UN38388784623041017&UM=2&sspv=&UP=SP498247FC-A809-4E74-95FB-227B20BDF228
 
*************************
 
AdwCleaner[R0].txt - [37426 octets] - [09/10/2014 18:39:06]
AdwCleaner[S0].txt - [37173 octets] - [09/10/2014 18:48:24]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [37234 octets] ##########


#6 RushSonic

RushSonic
  • Topic Starter

  • Members
  • 67 posts
  • OFFLINE
  •  
  • Local time:03:33 AM

Posted 09 October 2014 - 09:43 PM

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.3.2 (10.09.2014:1)
OS: Windows 7 Home Premium x64
Ran by Innes on Thu 10/09/2014 at 19:37:44.78
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Registry Values
 
 
 
~~~ Registry Keys
 
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{308D72BC-512D-43BD-8317-05267DCF88F5}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{9B18D25E-B649-40A0-A5A8-31DFDAD126C1}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{DFD077A7-C426-41F6-9CDB-C68808E5AA80}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A2B6C1C5-ACDE-415E-A965-9FCB42E95952}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A2B6C1C5-ACDE-415E-A965-9FCB42E95952}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{A2B6C1C5-ACDE-415E-A965-9FCB42E95952}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E4E991AC-DDD3-4639-BD5A-45BD707F01B1}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{E4E991AC-DDD3-4639-BD5A-45BD707F01B1}
Successfully deleted: [Registry Key - Orphan] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A2B6C1C5-ACDE-415E-A965-9FCB42E95952}
Successfully deleted: [Registry Key - Orphan] HKEY_CLASSES_ROOT\CLSID\{A2B6C1C5-ACDE-415E-A965-9FCB42E95952}
Successfully deleted: [Registry Key - Orphan] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E4E991AC-DDD3-4639-BD5A-45BD707F01B1}
Successfully deleted: [Registry Key - Orphan] HKEY_CLASSES_ROOT\CLSID\{E4E991AC-DDD3-4639-BD5A-45BD707F01B1}
Successfully deleted: [Registry Key - Orphan] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A2B6C1C5-ACDE-415E-A965-9FCB42E95952}
Successfully deleted: [Registry Key - Orphan] HKEY_CLASSES_ROOT\CLSID\{A2B6C1C5-ACDE-415E-A965-9FCB42E95952}
Successfully deleted: [Registry Key - Orphan] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E4E991AC-DDD3-4639-BD5A-45BD707F01B1}
Successfully deleted: [Registry Key - Orphan] HKEY_CLASSES_ROOT\CLSID\{E4E991AC-DDD3-4639-BD5A-45BD707F01B1}
 
 
 
~~~ Files
 
 
 
~~~ Folders
 
Successfully deleted: [Folder] "C:\Users\Innes\AppData\Roaming\registry mechanic"
Successfully deleted: [Folder] "C:\Users\Innes\appdata\local\cre"
Successfully deleted: [Folder] "C:\Program Files (x86)\swiki_ie"
Successfully deleted: [Folder] "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\swiki"
 
 
 
~~~ Chrome
 
Successfully deleted: [Folder] C:\Users\Innes\appdata\local\Google\Chrome\User Data\Default\Extensions\gjkpcnacdgdlpfejlgflolpaigoicibh
 
 
 
~~~ Event Viewer Logs were cleared
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Thu 10/09/2014 at 19:46:11.23
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


#7 RushSonic

RushSonic
  • Topic Starter

  • Members
  • 67 posts
  • OFFLINE
  •  
  • Local time:03:33 AM

Posted 09 October 2014 - 09:44 PM

C:\AdwCleaner\Quarantine\C\Users\Innes\AppData\LocalLow\WhiteSmoke_New\tbWhi0.dll.vir a variant of Win32/Toolbar.Conduit.B potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\Innes\AppData\LocalLow\WhiteSmoke_New\tbWhi1.dll.vir a variant of Win32/Toolbar.Conduit.Y potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\Innes\AppData\LocalLow\WhiteSmoke_New\tbWhi2.dll.vir a variant of Win32/Toolbar.Conduit.B potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\Innes\AppData\LocalLow\WhiteSmoke_New\tbWhit.dll.vir a variant of Win32/Toolbar.Conduit.X potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\Innes\AppData\LocalLow\WhiteSmoke_New\plugins\{5E1360DC-8FA8-40df-A8CD-FC3831B3634B}\3.6.12\bin\PriceGongIE.dll.vir a variant of Win32/PriceGong.A potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\Innes\AppData\Roaming\BabSolution\Shared\BabMaint.exe.vir Win32/Toolbar.Babylon.I potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\Innes\AppData\Roaming\defaulttab\DefaultTab\DefaultTabBHO.dll.vir a variant of Win32/Toolbar.DefaultTab.B potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\Innes\AppData\Roaming\defaulttab\DefaultTab\DefaultTabStart.exe.vir a variant of Win32/Toolbar.DefaultTab.B potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\Innes\AppData\Roaming\defaulttab\DefaultTab\DefaultTabStart64.exe.vir Win64/Toolbar.DefaultTab.B potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\Innes\AppData\Roaming\defaulttab\DefaultTab\DefaultTabWrap.dll.vir a variant of Win32/Toolbar.DefaultTab.B potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\Innes\AppData\Roaming\defaulttab\DefaultTab\DefaultTabWrap64.dll.vir Win64/Toolbar.DefaultTab.B potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\Innes\AppData\Roaming\defaulttab\DefaultTab\DTUpdate.exe.vir Win32/Toolbar.DefaultTab.A potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\Innes\AppData\Roaming\defaulttab\DefaultTab\uninstalldt.exe.vir Win32/Toolbar.DefaultTab.B potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\Innes\AppData\Roaming\Movdap\WebCakeDesktop.exe.vir a variant of MSIL/WebCake.B potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\Innes\AppData\Roaming\Movdap\dat\Desktop.OS.dll.vir a variant of MSIL/WebCake.A potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\Innes\AppData\Roaming\Movdap\dat\Dora.dat.vir a variant of MSIL/WebCake.A potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\Innes\AppData\Roaming\Movdap\dat\Maintain.dat.vir a variant of MSIL/WebCake.A potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\Innes\AppData\Roaming\Movdap\dat\Paladin.dat.vir a variant of MSIL/WebCake.A potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\Innes\AppData\Roaming\Movdap\dat\Phoenix.dat.vir a variant of MSIL/WebCake.A potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\Innes\AppData\Roaming\Web Cake\WebCakeDesktop.exe.vir MSIL/WebCake.A potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\Innes\AppData\Roaming\Web Cake\dat\Desktop.OS.dll.vir a variant of MSIL/WebCake.A potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\Innes\AppData\Roaming\Web Cake\dat\Dora.dat.vir a variant of MSIL/WebCake.A potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\Innes\AppData\Roaming\Web Cake\dat\Maintain.dat.vir a variant of MSIL/WebCake.A potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\Innes\AppData\Roaming\Web Cake\dat\Paladin.dat.vir a variant of MSIL/WebCake.A potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\Innes\AppData\Roaming\Web Cake\dat\Phoenix.dat.vir a variant of MSIL/WebCake.A potentially unwanted application
C:\AdwCleaner\Quarantine\C\windows\SysWOW64\hfpapi.dll.vir a variant of Win32/RiskWare.NetFilter.B application
C:\AdwCleaner\Quarantine\C\windows\SysWOW64\installd.exe.vir a variant of Win32/Amonetize.BB potentially unwanted application
C:\AdwCleaner\Quarantine\C\windows\SysWOW64\netupdsrv.exe.vir a variant of Win32/Amonetize.AZ potentially unwanted application
C:\Program Files (x86)\Unlockroot\unlockrootpro-internal.exe a variant of Win32/Packed.VProtect.C potentially unwanted application
C:\Program Files (x86)\Unlockroot Pro\unlockrootpro.exe a variant of Win32/Packed.VProtect.C potentially unwanted application
C:\TDSSKiller_Quarantine\09.10.2014_18.28.01\uds0000\svc0000\tsk0000.dta a variant of Win64/Riskware.NetFilter.C application
C:\TDSSKiller_Quarantine\09.10.2014_18.28.01\uds0001\svc0000\tsk0000.dta a variant of Win32/Amonetize.AZ potentially unwanted application
C:\Users\Innes\AppData\Local\14261\a9317.exe a variant of Win32/Amonetize.BR potentially unwanted application
C:\Users\Innes\AppData\Local\TB\APISupport\APISupport.dll a variant of Win32/Conduit.SearchProtect.P potentially unwanted application
C:\Users\Innes\AppData\Local\TB\APISupport\APISupport.old a variant of Win32/Conduit.SearchProtect.P potentially unwanted application
C:\Users\Innes\AppData\Local\TB\APISupport\MiniSP_1.0.2.182\MiniSP32.dll a variant of Win32/Conduit.SearchProtect.H potentially unwanted application
C:\Users\Innes\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\27\5e3c201b-2c9f2104 Java/Exploit.CVE-2012-0507.DB trojan
C:\Users\Innes\AppData\Roaming\0K1L2Z1T1C1T\MightyMagoo Packages\uninstaller.exe Win32/InstallCore.AZ potentially unwanted application
C:\Users\Innes\Downloads\Chrome_Setup.exe a variant of Win32/AdWare.iBryte.Q application
C:\Users\Innes\Downloads\freeopener_715 (1).exe a variant of Win32/InstallIQ.A potentially unwanted application
C:\Users\Innes\Downloads\freeopener_715.exe a variant of Win32/InstallIQ.A potentially unwanted application
C:\Users\Innes\Downloads\Minecraft (6).exe Win32/DomaIQ.AG potentially unwanted application
C:\Users\Innes\Downloads\Minecraft (7).exe Win32/DomaIQ.AG potentially unwanted application
C:\Users\Innes\Downloads\wwe-raw-vs-smackdown.exe a variant of Win32/InstallCore.BY potentially unwanted application
C:\Windows\AppPatch\AppPatch64\SPVCLdr64.dll a variant of Win32/ClientConnect.A potentially unwanted application
C:\Windows\SChecker\Swiki_w3i.exe Win32/Toolbar.Besttoolbars.A potentially unwanted application
C:\Windows\System32\hfnapi.dll a variant of Win32/RiskWare.NetFilter.B application
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.25_0\plugins\npDefaultTabSearch.dll a variant of Win32/Toolbar.DefaultTab.C potentially unwanted application
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LIXMVQOA\inethnfd-setup[1].exe a variant of Win32/Amonetize.BS potentially unwanted application
C:\Windows\SysWOW64\hfnapi.dll a variant of Win32/RiskWare.NetFilter.B application
C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.25_0\plugins\npDefaultTabSearch.dll a variant of Win32/Toolbar.DefaultTab.C potentially unwanted application
C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LIXMVQOA\inethnfd-setup[1].exe a variant of Win32/Amonetize.BS potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Betcat\WBDesktop.Updater.1.0.0.16.exe.vir a variant of MSIL/WebCake.A potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Betcat\WebCakeIEClient.dll.vir a variant of Win32/Adware.Yontoo.A application cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\BetterSurf\ch\Chrome.crx.vir Win32/AdWare.BetterSurf.G application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\BetterSurf\ff\BetterSurf.xpi.vir Win32/AdWare.BetterSurf.G application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\BetterSurf\ff\chrome\content\inject.js.vir Win32/AdWare.BetterSurf.G application cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\BetterSurf\ie\BetterSurf.dll.vir Win32/AdWare.BetterSurf.A application cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Conduit\Community Alerts\Alert.dll.vir Win32/Toolbar.Conduit.Y potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Conduit\CT3289847\plugins\TBVerifier.dll.vir Win32/Toolbar.Conduit.AC potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\defaulttab\DefaultTabHost.exe.vir Win32/Toolbar.DefaultTab.C potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\defaulttab\DefaultTabSearch.exe.vir Win32/Toolbar.DefaultTab.B potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Delta\delta\1.8.21.5\deltaApp.dll.vir a variant of Win32/Toolbar.Montiera.A potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Delta\delta\1.8.21.5\deltaEng.dll.vir a variant of Win32/Toolbar.Montiera.A potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Delta\delta\1.8.21.5\deltasrv.exe.vir a variant of Win32/Toolbar.Montiera.A potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Delta\delta\1.8.21.5\deltaTlbr.dll.vir Win32/Toolbar.Babylon.G potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Delta\delta\1.8.21.5\uninstall.exe.vir Win32/Toolbar.Montiera.B potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Delta\delta\1.8.21.5\bh\delta.dll.vir Win32/Toolbar.Escort.A potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Movdap\WBDesktop.Updater.1.0.0.16.exe.vir a variant of MSIL/WebCake.A potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Optimizer Pro\OptimizerPro.exe.vir Win32/SpeedingUpMyPC.O application cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Optimizer Pro\OptProLauncher.exe.vir a variant of Win32/AdWare.SpeedingUpMyPC.D application cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Optimizer Pro\OptProSmartScan.exe.vir a variant of Win32/Adware.SpeedingUpMyPC.C application cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe.vir a variant of Win32/Conduit.SearchProtect.H potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SearchProtect\Main\bin\SPTool.dll.vir a variant of Win32/Conduit.SearchProtect.H potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SearchProtect\Main\bin\uninstall.exe.vir a variant of Win32/ClientConnect.A potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SearchProtect\SearchProtect\bin\cltmng.exe.vir a variant of Win32/Conduit.SearchProtect.I potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SearchProtect\SearchProtect\bin\SPTool64.exe.vir a variant of Win32/ClientConnect.A potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC32.dll.vir a variant of Win32/Conduit.SearchProtect.H potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC32Loader.dll.vir a variant of Win32/ClientConnect.A potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC64.dll.vir a variant of Win32/ClientConnect.A potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC64Loader.dll.vir a variant of Win32/ClientConnect.A potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SearchProtect\UI\bin\cltmngui.exe.vir a variant of Win32/ClientConnect.A potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Tbccint\ToolbarService\ToolbarService.exe.vir a variant of Win32/Conduit.SearchProtect.N potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Web Cake\WebCakeDesktop.Updater.exe.vir MSIL/WebCake.A potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha9306\uninstall.exe.vir a variant of Win32/Amonetize.X potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha9306\ch\WebexpEnhancedV1alpha9306.crx.vir Win32/AdWare.BetterSurf.G application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha9306\ff\chrome\content\ffWebexpEnhancedV1alpha9306ffaction.js.vir Win32/AdWare.BetterSurf.G application cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha9306\ie\WebexpEnhancedV1alpha9306.dll.vir a variant of Win32/AdWare.BetterSurf.C application cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\WhiteSmoke_New\hk64tbWhi0.dll.vir a variant of Win64/Toolbar.Conduit.B potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\WhiteSmoke_New\hk64tbWhi2.dll.vir Win64/Toolbar.Conduit.B potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\WhiteSmoke_New\hk64tbWhit.dll.vir Win64/Toolbar.Conduit.A potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\WhiteSmoke_New\hktbWhi0.dll.vir a variant of Win32/Toolbar.Conduit.X potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\WhiteSmoke_New\hktbWhi2.dll.vir Win32/Toolbar.Conduit.X potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\WhiteSmoke_New\hktbWhit.dll.vir Win32/Toolbar.Conduit.W potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\WhiteSmoke_New\ldrtbWhi0.dll.vir a variant of Win32/Toolbar.Conduit.P potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\WhiteSmoke_New\ldrtbWhi2.dll.vir a variant of Win32/Toolbar.Conduit.P potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\WhiteSmoke_New\ldrtbWhit.dll.vir a variant of Win32/Toolbar.Conduit.P potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\WhiteSmoke_New\prxtbWhit.dll.vir Win32/Toolbar.Conduit.W potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\WhiteSmoke_New\tbWhi0.dll.vir a variant of Win32/Toolbar.Conduit.X potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\WhiteSmoke_New\tbWhi2.dll.vir a variant of Win32/Toolbar.Conduit.X potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\WhiteSmoke_New\tbWhit.dll.vir a variant of Win32/Toolbar.Conduit.X potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\WhiteSmoke_New\WhiteSmoke_NewToolbarHelper.exe.vir Win32/Toolbar.Conduit.V potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\WhiteSmoke_New\WhiteSmoke_NewToolbarHelper1.exe.vir Win32/Toolbar.Conduit.V potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\ProgramData\Tarma Installer\{C4ED781C-7394-4906-AAFF-D6AB64FF7C38}\_Setupx.dll.vir a variant of Win32/Adware.Yontoo.B application cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Users\Innes\AppData\Local\Conduit\APISupport\APISupport.dll.vir a variant of Win32/Conduit.SearchProtect.P potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Users\Innes\AppData\Local\Conduit\APISupport\MiniSP_1.0.2.76\MiniSP.dll.vir a variant of Win32/Conduit.SearchProtect.H potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Users\Innes\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll.vir a variant of Win32/Toolbar.Conduit.Y potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Users\Innes\AppData\Local\Conduit\BackgroundContainer\TBUpdaterLogic_1.0.0.1.dll.vir Win32/Toolbar.Conduit.Y potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Users\Innes\AppData\Local\Conduit\BackgroundContainer\TBUpdaterLogic_1.0.0.2.dll.vir Win32/Toolbar.Conduit.Y potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Users\Innes\AppData\Local\Conduit\Community Alerts\Aler0.dll.vir a variant of Win32/Toolbar.Conduit.Y potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Users\Innes\AppData\Local\Conduit\Community Alerts\Alert.dll.vir a variant of Win32/Toolbar.Conduit.Y potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Users\Innes\AppData\Local\Conduit\CT3289847\WhiteSmoke_NewAutoUpdateHelper.exe.vir a variant of Win32/ClientConnect.A potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Users\Innes\AppData\Local\Conduit\CT3289847\WhiteSmoke_NewToolbarHelper.exe.vir a variant of Win32/ClientConnect.A potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Users\Innes\AppData\Local\CRE\klibnahbojhkanfgaglnlalfkgpcppfi.crx.vir a variant of Win32/Toolbar.Conduit.AH potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Users\Innes\AppData\Local\DefineExt\temp.dat.vir a variant of Win32/AdWare.Toolbar.AmyBar.A application cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Users\Innes\AppData\Local\getsav-in\ie\getsav-in_1371750901.dll.vir a variant of Win32/Adware.CouponAmazing.A application cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Users\Innes\AppData\Local\Google\Chrome\User Data\Default\Extensions\dedmngkbaffkenlfdcbganndoghblmap\1.0_0\inject.js.vir Win32/AdWare.BetterSurf.G application cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Users\Innes\AppData\Local\Google\Chrome\User Data\Default\Extensions\klibnahbojhkanfgaglnlalfkgpcppfi\10.31.4.510_0\APISupport\APISupport.dll.vir a variant of Win32/Conduit.SearchProtect.P potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Users\Innes\AppData\Local\Google\Chrome\User Data\Default\Extensions\klibnahbojhkanfgaglnlalfkgpcppfi\10.31.4.510_0\nativeMessaging\TBMessagingHost.exe.vir a variant of Win32/Toolbar.Conduit.AH potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Users\Innes\AppData\Local\Google\Chrome\User Data\Default\Extensions\klibnahbojhkanfgaglnlalfkgpcppfi\10.31.4.510_0\plugins\ChromeApiPlugin.dll.vir a variant of Win32/Conduit.SearchProtect.N potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Users\Innes\AppData\Local\NativeMessaging\CT3289847\1_0_0_10\TBMessagingHost.exe.vir a variant of Win32/Toolbar.Conduit.AH potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Users\Innes\AppData\Local\NativeMessaging\CT3289847\1_0_0_2\TBMessagingHost.exe.vir a variant of Win32/Toolbar.Conduit.AH potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Users\Innes\AppData\Local\NativeMessaging\CT3289847\1_0_0_4\TBMessagingHost.exe.vir Win32/Toolbar.Conduit.AH potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Users\Innes\AppData\Local\NativeMessaging\CT3289847\1_0_0_7\TBMessagingHost.exe.vir a variant of Win32/Toolbar.Conduit.AH potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Users\Innes\AppData\Local\NativeMessaging\CT3289847\1_0_2_0\TBMessagingHost.exe.vir a variant of Win32/Toolbar.Conduit.AH potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Users\Innes\AppData\Local\SwvUpdater\Updater.exe.vir a variant of Win32/Amonetize.I potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Users\Innes\AppData\Local\TBHostSupport\TBHostSupport.dll.vir a variant of Win32/Toolbar.Conduit.AA potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Users\Innes\AppData\LocalLow\WhiteSmoke_New\hk64tbWhi0.dll.vir a variant of Win64/Toolbar.Conduit.B potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Users\Innes\AppData\LocalLow\WhiteSmoke_New\hk64tbWhi2.dll.vir a variant of Win64/Toolbar.Conduit.B potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Users\Innes\AppData\LocalLow\WhiteSmoke_New\hk64tbWhit.dll.vir Win64/Toolbar.Conduit.A potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Users\Innes\AppData\LocalLow\WhiteSmoke_New\hktbWhi0.dll.vir a variant of Win32/Toolbar.Conduit.X potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Users\Innes\AppData\LocalLow\WhiteSmoke_New\hktbWhi2.dll.vir a variant of Win32/Toolbar.Conduit.X potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Users\Innes\AppData\LocalLow\WhiteSmoke_New\hktbWhit.dll.vir Win32/Toolbar.Conduit.W potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Users\Innes\AppData\LocalLow\WhiteSmoke_New\ldrtbWhi2.dll.vir a variant of Win32/ClientConnect.A potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Users\Innes\AppData\LocalLow\WhiteSmoke_New\ldrtbWhit.dll.vir a variant of Win32/Toolbar.Conduit.P potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Users\Innes\AppData\LocalLow\WhiteSmoke_New\prxtbWhi2.dll.vir a variant of Win32/ClientConnect.A potentially unwanted application deleted - quarantined


#8 RushSonic

RushSonic
  • Topic Starter

  • Members
  • 67 posts
  • OFFLINE
  •  
  • Local time:03:33 AM

Posted 09 October 2014 - 09:47 PM

^ That is the ESETS Log



#9 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,114 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:03:33 AM

Posted 09 October 2014 - 09:53 PM

OK, great , was very infected... Please restart the machine. It is needed to complete the removal of some of the malwares found.

Also please post the MinitoolBox log.

Empty your temp folders using TFC (Temporary File Cleaner)
  • Please download TFC by Old Timer and save it to your desktop.
    alternate download link
  • Save any unsaved work. (TFC will close ALL open programs including your browser!)
  • Double-click on TFC.exe to run it. (If you are using Vista, right-click on the file and choose "Run As Administrator".)
  • Click the Start button to begin the cleaning process and let it run uninterrupted to completion.
  • Important! If TFC prompts you to reboot, please do so immediately. If not prompted, manually reboot the machine anyway allowing Windows to load normally (not into Safe Mode) to ensure a complete clean.
Should be working better now.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#10 RushSonic

RushSonic
  • Topic Starter

  • Members
  • 67 posts
  • OFFLINE
  •  
  • Local time:03:33 AM

Posted 10 October 2014 - 05:06 PM

Sorry. Here is the MiniToolbox log

 

MiniToolBox by Farbar  Version: 21-07-2014
Ran by Innes (administrator) on 09-10-2014 at 18:21:06
Running from "C:\Users\Innes\Desktop"
Microsoft Windows 7 Home Premium  Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************
 
========================= Flush DNS: ===================================
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
========================= IE Proxy Settings: ============================== 
 
Proxy is not enabled.
No Proxy Server is set.
 
"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================
 
 
 
========================= IP Configuration: ================================
 
Realtek RTL8188CE Wireless LAN 802.11n PCI-E NIC = Wireless Network Connection (Connected)
Atheros AR8152/8158 PCI-E Fast Ethernet Controller (NDIS 6.20) = Local Area Connection (Media disconnected)
 
 
# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4
 
reset
set global icmpredirects=enabled
 
 
popd
# End of IPv4 configuration
 
 
 
Windows IP Configuration
 
   Host Name . . . . . . . . . . . . : Tchume
   Primary Dns Suffix  . . . . . . . : 
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
 
Ethernet adapter Local Area Connection:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Atheros AR8152/8158 PCI-E Fast Ethernet Controller (NDIS 6.20)
   Physical Address. . . . . . . . . : 00-26-6C-0C-E5-FA
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Wireless LAN adapter Wireless Network Connection:
 
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Realtek RTL8188CE Wireless LAN 802.11n PCI-E NIC
   Physical Address. . . . . . . . . : E0-CA-94-EF-60-64
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::3d8d:4e9d:76b6:da7e%11(Preferred) 
   IPv4 Address. . . . . . . . . . . : 192.168.1.8(Preferred) 
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Thursday, October 09, 2014 6:12:27 PM
   Lease Expires . . . . . . . . . . : Friday, October 10, 2014 6:12:27 PM
   Default Gateway . . . . . . . . . : 192.168.1.1
   DHCP Server . . . . . . . . . . . : 192.168.1.1
   DHCPv6 IAID . . . . . . . . . . . : 249612948
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-16-F6-23-5C-E0-CA-94-EF-60-64
   DNS Servers . . . . . . . . . . . : 192.168.1.1
   NetBIOS over Tcpip. . . . . . . . : Enabled
Server:  UnKnown
Address:  192.168.1.1
 
Name:    google.com
Addresses:  2607:f8b0:4006:80a::1001
 74.125.226.165
 74.125.226.168
 74.125.226.162
 74.125.226.161
 74.125.226.174
 74.125.226.169
 74.125.226.163
 74.125.226.160
 74.125.226.166
 74.125.226.167
 74.125.226.164
 
 
Pinging google.com [173.194.123.6] with 32 bytes of data:
Reply from 173.194.123.6: bytes=32 time=16ms TTL=54
Reply from 173.194.123.6: bytes=32 time=28ms TTL=54
 
Ping statistics for 173.194.123.6:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 16ms, Maximum = 28ms, Average = 22ms
Server:  UnKnown
Address:  192.168.1.1
 
Name:    yahoo.com
Addresses:  206.190.36.45
 98.139.183.24
 98.138.253.109
 
 
Pinging yahoo.com [98.138.253.109] with 32 bytes of data:
Reply from 98.138.253.109: bytes=32 time=55ms TTL=48
Reply from 98.138.253.109: bytes=32 time=73ms TTL=48
 
Ping statistics for 98.138.253.109:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 55ms, Maximum = 73ms, Average = 64ms
 
Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
 
Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 12...00 26 6c 0c e5 fa ......Atheros AR8152/8158 PCI-E Fast Ethernet Controller (NDIS 6.20)
 11...e0 ca 94 ef 60 64 ......Realtek RTL8188CE Wireless LAN 802.11n PCI-E NIC
  1...........................Software Loopback Interface 1
===========================================================================
 
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.1.1      192.168.1.8     30
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.1.0    255.255.255.0         On-link       192.168.1.8    286
      192.168.1.8  255.255.255.255         On-link       192.168.1.8    286
    192.168.1.255  255.255.255.255         On-link       192.168.1.8    286
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link       192.168.1.8    286
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link       192.168.1.8    286
===========================================================================
Persistent Routes:
  None
 
IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
  1    306 ::1/128                  On-link
 11    286 fe80::/64                On-link
 11    286 fe80::3d8d:4e9d:76b6:da7e/128
                                    On-link
  1    306 ff00::/8                 On-link
 11    286 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================
 
Catalog5 01 C:\windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog9 01 C:\windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (10/09/2014 06:12:41 PM) (Source: TOSHIBA Service Station) (User: )
Description: TSS Load: could not communicate with TMachInfo service
 
Error: (10/09/2014 06:12:41 PM) (Source: TOSHIBA Service Station) (User: )
Description: Could not load file or assembly '0 bytes loaded from System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089' or one of its dependencies. An attempt was made to load a program with an incorrect format.
 
Error: (10/09/2014 06:11:41 PM) (Source: Toshiba App Place) (User: )
Description: System.NullReferenceException: Object reference not set to an instance of an object.
Stack Trace:
   at SnappCloud.ActivationReminder.AraClient.PostInit()
   at SnappCloud.ActivationReminder.Program.Main(String[] args)
 
Error: (10/09/2014 06:11:41 PM) (Source: Toshiba App Place) (User: )
Description: System.Net.WebException: The remote name could not be resolved: 'api.snappcloud.com'
Error Data:
(no response)
Stack Trace:
   at System.Net.HttpWebRequest.EndGetResponse(IAsyncResult asyncResult)
   at SnappCloud.ActivationReminder.AraClient.GetResponseCallback[T](IAsyncResult result)
 
Error: (10/09/2014 06:11:28 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (10/09/2014 06:11:21 PM) (Source: Application Error) (User: )
Description: Faulting application name: DefaultTabSearch.exe, version: 0.0.0.0, time stamp: 0x5004e5aa
Faulting module name: DefaultTabSearch.exe, version: 0.0.0.0, time stamp: 0x5004e5aa
Exception code: 0xc0000005
Fault offset: 0x00002d80
Faulting process id: 0x5d8
Faulting application start time: 0xDefaultTabSearch.exe0
Faulting application path: DefaultTabSearch.exe1
Faulting module path: DefaultTabSearch.exe2
Report Id: DefaultTabSearch.exe3
 
Error: (10/08/2014 09:54:45 PM) (Source: TOSHIBA Service Station) (User: )
Description: TSS Load: could not communicate with TMachInfo service
 
Error: (10/08/2014 09:54:45 PM) (Source: TOSHIBA Service Station) (User: )
Description: Could not load file or assembly '0 bytes loaded from System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089' or one of its dependencies. An attempt was made to load a program with an incorrect format.
 
Error: (10/08/2014 09:53:45 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (10/08/2014 09:53:23 PM) (Source: Application Error) (User: )
Description: Faulting application name: DefaultTabSearch.exe, version: 0.0.0.0, time stamp: 0x5004e5aa
Faulting module name: DefaultTabSearch.exe, version: 0.0.0.0, time stamp: 0x5004e5aa
Exception code: 0xc0000005
Fault offset: 0x00002d80
Faulting process id: 0x5f8
Faulting application start time: 0xDefaultTabSearch.exe0
Faulting application path: DefaultTabSearch.exe1
Faulting module path: DefaultTabSearch.exe2
Report Id: DefaultTabSearch.exe3
 
 
System errors:
=============
Error: (10/09/2014 06:15:27 PM) (Source: Service Control Manager) (User: )
Description: The Network Support Service Updater service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (10/09/2014 06:15:27 PM) (Source: Service Control Manager) (User: )
Description: The Network HTTP Support Service service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (10/09/2014 06:15:27 PM) (Source: Service Control Manager) (User: )
Description: The DefaultTabUpdate service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (10/09/2014 06:13:21 PM) (Source: Service Control Manager) (User: )
Description: The Norton Internet Security service failed to start due to the following error: 
%%1053
 
Error: (10/09/2014 06:13:21 PM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Norton Internet Security service to connect.
 
Error: (10/09/2014 06:11:22 PM) (Source: Service Control Manager) (User: )
Description: The DefaultTabSearch service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (10/09/2014 06:11:17 PM) (Source: Service Control Manager) (User: )
Description: The Common Client Job Manager Service service failed to start due to the following error: 
%%1053
 
Error: (10/09/2014 06:11:17 PM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Common Client Job Manager Service service to connect.
 
Error: (10/09/2014 06:11:16 PM) (Source: Service Control Manager) (User: )
Description: The BrowserDefendert service failed to start due to the following error: 
%%2
 
Error: (10/09/2014 06:11:16 PM) (Source: Service Control Manager) (User: )
Description: The AVGIDSAgent service depends the following service: AVGIDSDriver. This service might not be installed.
 
 
Microsoft Office Sessions:
=========================
Error: (10/09/2014 06:12:41 PM) (Source: TOSHIBA Service Station)(User: )
Description: TSS Load: could not communicate with TMachInfo service
 
Error: (10/09/2014 06:12:41 PM) (Source: TOSHIBA Service Station)(User: )
Description: Could not load file or assembly '0 bytes loaded from System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089' or one of its dependencies. An attempt was made to load a program with an incorrect format.
 
Error: (10/09/2014 06:11:41 PM) (Source: Toshiba App Place)(User: )
Description: System.NullReferenceException: Object reference not set to an instance of an object.
Stack Trace:
   at SnappCloud.ActivationReminder.AraClient.PostInit()
   at SnappCloud.ActivationReminder.Program.Main(String[] args)
 
Error: (10/09/2014 06:11:41 PM) (Source: Toshiba App Place)(User: )
Description: System.Net.WebException: The remote name could not be resolved: 'api.snappcloud.com'
Error Data:
(no response)
Stack Trace:
   at System.Net.HttpWebRequest.EndGetResponse(IAsyncResult asyncResult)
   at SnappCloud.ActivationReminder.AraClient.GetResponseCallback[T](IAsyncResult result)
 
Error: (10/09/2014 06:11:28 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (10/09/2014 06:11:21 PM) (Source: Application Error)(User: )
Description: DefaultTabSearch.exe0.0.0.05004e5aaDefaultTabSearch.exe0.0.0.05004e5aac000000500002d805d801cfe40df27dc007C:\Program Files (x86)\DefaultTab\DefaultTabSearch.exeC:\Program Files (x86)\DefaultTab\DefaultTabSearch.exe32ef524e-5001-11e4-b6d3-00266c0ce5fa
 
Error: (10/08/2014 09:54:45 PM) (Source: TOSHIBA Service Station)(User: )
Description: TSS Load: could not communicate with TMachInfo service
 
Error: (10/08/2014 09:54:45 PM) (Source: TOSHIBA Service Station)(User: )
Description: Could not load file or assembly '0 bytes loaded from System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089' or one of its dependencies. An attempt was made to load a program with an incorrect format.
 
Error: (10/08/2014 09:53:45 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (10/08/2014 09:53:23 PM) (Source: Application Error)(User: )
Description: DefaultTabSearch.exe0.0.0.05004e5aaDefaultTabSearch.exe0.0.0.05004e5aac000000500002d805f801cfe363cb8add43C:\Program Files (x86)\DefaultTab\DefaultTabSearch.exeC:\Program Files (x86)\DefaultTab\DefaultTabSearch.exe0cb3978c-4f57-11e4-b2cd-00266c0ce5fa
 
 
 
=========================== Installed Programs ============================
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.6.0.19140 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 2.6.0.19140 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 10 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 10.3.181.34 - Adobe Systems Incorporated)
Adobe Flash Player 11 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 11.3.300.257 - Adobe Systems Incorporated)
Adobe Reader X MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.0.0 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.6 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.6.5.635 - Adobe Systems, Inc.)
Amazon Links (HKLM-x32\...\{3135D885-9D9A-4B4D-8D45-9DB05DA115CA}) (Version: 2.02 - TOSHIBA Corporation)
AMD Media Foundation Decoders (Version: 1.0.60607.2201 - ATI Technologies Inc.) Hidden
AMD VISION Engine Control Center (x32 Version: 2011.0607.2212.38019 - ATI) Hidden
Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.36 - Atheros Communications Inc.)
ATI Catalyst Install Manager (HKLM\...\{4ACA5AE7-E68C-5A48-F8E6-D67946267506}) (Version: 3.0.829.0 - ATI Technologies, Inc.)
Bejeweled 3 (x32 Version: 2.2.0.97 - WildTangent) Hidden
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - ATI) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2011.0607.2212.38019 - ATI) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2011.0607.2212.38019 - ATI Technologies, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2011.0607.2212.38019 - ATI) Hidden
CCC Help Chinese Standard (x32 Version: 2011.0607.2211.38019 - ATI) Hidden
CCC Help Chinese Traditional (x32 Version: 2011.0607.2211.38019 - ATI) Hidden
CCC Help Czech (x32 Version: 2011.0607.2211.38019 - ATI) Hidden
CCC Help Danish (x32 Version: 2011.0607.2211.38019 - ATI) Hidden
CCC Help Dutch (x32 Version: 2011.0607.2211.38019 - ATI) Hidden
CCC Help English (x32 Version: 2011.0607.2211.38019 - ATI) Hidden
CCC Help Finnish (x32 Version: 2011.0607.2211.38019 - ATI) Hidden
CCC Help French (x32 Version: 2011.0607.2211.38019 - ATI) Hidden
CCC Help German (x32 Version: 2011.0607.2211.38019 - ATI) Hidden
CCC Help Greek (x32 Version: 2011.0607.2211.38019 - ATI) Hidden
CCC Help Hungarian (x32 Version: 2011.0607.2211.38019 - ATI) Hidden
CCC Help Italian (x32 Version: 2011.0607.2211.38019 - ATI) Hidden
CCC Help Japanese (x32 Version: 2011.0607.2211.38019 - ATI) Hidden
CCC Help Korean (x32 Version: 2011.0607.2211.38019 - ATI) Hidden
CCC Help Norwegian (x32 Version: 2011.0607.2211.38019 - ATI) Hidden
CCC Help Polish (x32 Version: 2011.0607.2211.38019 - ATI) Hidden
CCC Help Portuguese (x32 Version: 2011.0607.2211.38019 - ATI) Hidden
CCC Help Russian (x32 Version: 2011.0607.2211.38019 - ATI) Hidden
CCC Help Spanish (x32 Version: 2011.0607.2211.38019 - ATI) Hidden
CCC Help Swedish (x32 Version: 2011.0607.2211.38019 - ATI) Hidden
CCC Help Thai (x32 Version: 2011.0607.2211.38019 - ATI) Hidden
CCC Help Turkish (x32 Version: 2011.0607.2211.38019 - ATI) Hidden
ccc-utility64 (Version: 2011.0607.2212.38019 - ATI) Hidden
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.54.1.0 - Conexant)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DefaultTab (HKLM-x32\...\DefaultTab) (Version: 1.2.8.0 - Search Results, LLC)
DefaultTab Chrome (HKLM-x32\...\DefaultTab Chrome) (Version: 1.1.25 - Search Results, LLC)
Define Ext (HKCU\...\Define Ext) (Version: 8 - DefineExt.com)
Delta Chrome Toolbar (HKLM-x32\...\Delta Chrome Toolbar) (Version:  - Visual Tools)
Delta toolbar   (HKLM-x32\...\delta) (Version: 1.8.21.5 - Delta)
ETDWare PS/2-X64 8.0.8.0_R01 (HKLM\...\Elantech) (Version: 8.0.8.0 - ELAN Microelectronic Corp.)
FATE - The Traitor Soul (x32 Version: 2.2.0.95 - WildTangent) Hidden
Free Opener (HKLM\...\{A1F2C608-32D6-467D-B035-BBEF509042BA}_is1) (Version: 1.4 - EZ Freeware)
Genieo (HKCU\...\genieo) (Version: 1.0.314 - Genieo Innovation Ltd.)
getsav-in (HKLM-x32\...\getsav-in) (Version: 1.1371750929 - Adpeak, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 37.0.2062.124 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Java Auto Updater (x32 Version: 2.0.4.1 - Sun Microsystems, Inc.) Hidden
Java™ 6 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216025FF}) (Version: 6.0.250 - Oracle)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
K-Lite Codec Pack 7.0.0 (Standard) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 7.0.0 - )
Label@Once 1.0 (HKLM-x32\...\{0D795777-9D60-4692-8386-F2B3F2B5E5BF}) (Version: 1.0 - Corel)
Letters from Nowhere 2 (x32 Version: 2.2.0.97 - WildTangent) Hidden
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20125.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Mighty Magoo Games Console (HKCU\...\MightyMagoo) (Version: 1.1.4 - Duck Play,LLC)
MightyMagoo Packages (HKCU\...\MightyMagoo Packages) (Version:  - )
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MyPC Backup  (HKLM\...\MyPC Backup) (Version:  - MyPC Backup)
Norton Internet Security (HKLM-x32\...\NIS) (Version: 19.7.1.5 - Symantec Corporation)
OffersWizard Network System Driver (HKLM-x32\...\inethnfd) (Version: 1.0.0.3001 - )
Optimizer Pro v3.0 (HKLM-x32\...\Optimizer Pro_is1) (Version: 3.0 - PC Utilities Pro)
PC Tools Registry Mechanic 11.0 (HKLM-x32\...\Registry Mechanic_is1) (Version: 11.0 - PC Tools)
Penguins! (x32 Version: 2.2.0.98 - WildTangent) Hidden
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
PlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30124 - Realtek Semiconductor Corp.)
Realtek WLAN Driver (HKLM-x32\...\{9D3D8C60-A55F-4fed-B2B9-173001290E16}) (Version: 2.00.0016 - REALTEK Semiconductor Corp.)
RegCure Pro (HKLM-x32\...\{C547F361-5750-4CD1-9FB6-BC93827CB6C1}) (Version: 3.2.5.0 - ParetoLogic, Inc.)
RollerCoaster Tycoon 3: Platinum (x32 Version: 2.2.0.98 - WildTangent) Hidden
SavetheChildren Reminder by We-Care.com v4.1.19.4 (HKLM-x32\...\{F5575DD6-8112-45A6-8FFA-C7249C3D8E1F}) (Version: 4.1.19.4 - We-Care.com)
Search Protect (HKLM-x32\...\SearchProtect) (Version: 2.17.2.3 - Client Connect LTD)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
Skype Launcher (HKLM-x32\...\{DA84ECBF-4B79-47F2-B34C-95C38484C058}) (Version: 2.01 - TOSHIBA Corporation)
Skype™ 5.9 (HKLM-x32\...\{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}) (Version: 5.9.115 - Skype Technologies S.A.)
Software Version Updater (HKLM-x32\...\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96}) (Version: 1.1.3.9 - )
Swiki version 1.0 (HKLM-x32\...\Swiki_is1) (Version: 1.0 - Swiki)
Swiki_IE (HKLM-x32\...\Swiki_IE) (Version: 1.0.0.0 - Swiki)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Tales of Lagoona (x32 Version: 2.2.0.98 - WildTangent) Hidden
Toshiba App Place (HKLM-x32\...\{ED3CBA78-488F-4E8C-B33F-8E3BF4DDB4D2}) (Version: 1.0.6.3 - Toshiba)
TOSHIBA Application Installer (HKLM-x32\...\{970472D0-F5F9-4158-A6E3-1AE49EFEF2D3}) (Version: 9.0.1.2 - TOSHIBA)
TOSHIBA Assist (HKLM-x32\...\{C2A276E3-154E-44DC-AAF1-FFDD7FD30E35}) (Version: 4.2.3.0 - TOSHIBA CORPORATION)
Toshiba Book Place (HKLM-x32\...\{A14962A7-2B7D-456E-BFCD-F54E3A88D41F}) (Version: 2.2.7530 - K-NFB Reading Technology, Inc.)
TOSHIBA Bulletin Board (HKLM-x32\...\InstallShield_{1C8C049A-145F-4A6E-8290-B5C245EBE39D}) (Version: 1.6.11.64 - TOSHIBA Corporation)
TOSHIBA Bulletin Board (Version: 1.6.11.64 - TOSHIBA Corporation) Hidden
TOSHIBA Disc Creator (HKLM\...\{5DA0E02F-970B-424B-BF41-513A5018E4C0}) (Version: 2.1.0.11 for x64 - TOSHIBA Corporation)
TOSHIBA Face Recognition (HKLM-x32\...\InstallShield_{F67FA545-D8E5-4209-86B1-AEE045D1003F}) (Version: 3.1.17.64 - TOSHIBA Corporation)
TOSHIBA Face Recognition (Version: 3.1.17.64 - TOSHIBA Corporation) Hidden
TOSHIBA Hardware Setup (HKLM-x32\...\{97965331-BC5D-4D9F-B6DF-5C0A123E4AE0}) (Version: 2.1.0.3 - TOSHIBA Corporation)
TOSHIBA HDD/SSD Alert (HKLM\...\{D4322448-B6AF-4316-B859-D8A0E84DCB38}) (Version: 3.1.64.9 - TOSHIBA Corporation)
Toshiba Laptop Checkup (HKLM-x32\...\NortonPCCheckup) (Version: 2.0.13.11 - Symantec Corporation)
TOSHIBA Media Controller (HKLM-x32\...\{C7A4F26F-F9B0-41B2-8659-99181108CDE3}) (Version: 1.0.87.4 - TOSHIBA CORPORATION)
Toshiba Online Backup (HKLM-x32\...\{C57BCDE1-7CB9-467D-B3BA-7E119916CDC1}) (Version: 2.0.0.31 - Toshiba)
TOSHIBA Quality Application (HKLM-x32\...\{E69992ED-A7F6-406C-9280-1C156417BC49}) (Version: 1.0.4 - TOSHIBA)
TOSHIBA Recovery Media Creator (HKLM-x32\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 2.1.5.5109a - TOSHIBA CORPORATION)
TOSHIBA ReelTime (HKLM-x32\...\InstallShield_{24811C12-F4A9-4D0F-8494-A7B8FE46123C}) (Version: 1.7.21.64 - TOSHIBA Corporation)
TOSHIBA ReelTime (Version: 1.7.21.64 - TOSHIBA Corporation) Hidden
TOSHIBA Service Station (HKLM-x32\...\{AC6569FA-6919-442A-8552-073BE69E247A}) (Version: 2.2.13 - TOSHIBA)
TOSHIBA Supervisor Password (HKLM-x32\...\{0AF17224-CF88-40B8-BB1A-D179369847B4}) (Version: 2.1.0.2 - TOSHIBA Corporation)
TOSHIBA Value Added Package (HKLM-x32\...\InstallShield_{066CFFF8-12BF-4390-A673-75F95EFF188E}) (Version: 1.6.1.64 - TOSHIBA Corporation)
TOSHIBA Value Added Package (Version: 1.6.1.64 - TOSHIBA Corporation) Hidden
TOSHIBA Value Added Package (x32 Version: 1.6.1.64 - TOSHIBA Corporation) Hidden
TOSHIBA Web Camera Application (HKLM-x32\...\InstallShield_{6F3C8901-EBD3-470D-87F8-AC210F6E5E02}) (Version: 2.0.3.3 - TOSHIBA Corporation)
TOSHIBA Web Camera Application (x32 Version: 2.0.3.3 - TOSHIBA Corporation) Hidden
TOSHIBARegistration (HKLM-x32\...\{5AF550B4-BB67-4E7E-82F1-2C4300279050}) (Version: 1.0.7 - TOSHIBA)
Unity Web Player (HKCU\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
UnLock Root 3.2.1 (HKLM-x32\...\UnLock Root) (Version: 3.2.1 - Unlcokroot)
UnLock Root Pro 4.12 (HKLM-x32\...\UnLock Root Pro) (Version: 4.12 - Unlcokroot)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2468871) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2533523) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2600217) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (HKLM-x32\...\{8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2468871) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (HKLM-x32\...\{8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2533523) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (HKLM-x32\...\{8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2600217) (Version: 1 - Microsoft Corporation)
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
Visual Studio 2008 x64 Redistributables (HKLM-x32\...\{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}) (Version: 10.0.0.2 - AVG Technologies)
Web Cake 3.00 (HKLM\...\{C4ED781C-7394-4906-AAFF-D6AB64FF7C38}) (Version: 3.00 - Web Cake LLC)
Webexp Enhanced (HKLM-x32\...\Webexp Enhanced) (Version: 1.1 - Webexp Enhanced)
WhiteSmoke New Toolbar (HKLM-x32\...\WhiteSmoke_New Toolbar) (Version: 6.15.0.27 - WhiteSmoke New)
WildTangent Games (HKLM-x32\...\WildTangent toshiba Master Uninstall) (Version: 1.0.2.5 - WildTangent)
WildTangent Games App (Toshiba Games) (x32 Version: 4.0.5.31 - WildTangent) Hidden
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (x32 Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Zuma's Revenge (x32 Version: 2.2.0.98 - WildTangent) Hidden
 
========================= Memory info: ===================================
 
Percentage of memory in use: 36%
Total physical RAM: 2662.87 MB
Available physical RAM: 1685.45 MB
Total Pagefile: 5323.93 MB
Available Pagefile: 3842.38 MB
Total Virtual: 4095.88 MB
Available Virtual: 3981.54 MB
 
========================= Partitions: =====================================
 
1 Drive c: (TI106302W0C) (Fixed) (Total:282.92 GB) (Free:241.45 GB) NTFS
 
========================= Users: ========================================
 
User accounts for \\TCHUME
 
Administrator            Guest                    Innes                    
 
 
**** End of log ****


#11 RushSonic

RushSonic
  • Topic Starter

  • Members
  • 67 posts
  • OFFLINE
  •  
  • Local time:03:33 AM

Posted 10 October 2014 - 05:15 PM

I've done all of your steps but the homepage is still set to Conduit. Can I safely change the home page back to the default and delete the cache in IE and Chrome? Also, what should I do with programs like Genieo and Regcure Pro. I don't trust their uninstallers.

 

The good news is now a lot of the stupid programs loading on startup are gone now. I want to remove Norton Internet Security since it's outdated and a terrible program in my opinion but I don't want to do that until I'm certain it's safe to do so.


Edited by RushSonic, 10 October 2014 - 05:18 PM.


#12 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,114 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:03:33 AM

Posted 10 October 2014 - 06:37 PM

Hi, Yes change the homepage.
Did you run ESET?

Do you have or need another AV before we remove Norton?

Remove those 2 with REVO

You have unwanted programs on your computer system that should be removed.
I recommend using the following program to do this because it is good at removing any stray remnants that uninstallers often leave behind.

1. Please download REVO UNINSTALLER
and save it on your computer.

2. Install Revo Uninstaller on your computer system.

3. Once the program is installed start the program and insure the uninstaller tab is active. (See image below)

revo-main-menu.png

Icons from all your installed programs will appear alphabetically in the main window.

4. Right click the program you wish to uninstall by selecting the program's icon in the main window.
A menu will appear such as that shown below.

revo-uninstall.png

5. Next, choose Uninstall from this menu.

A confirmation from the program you wish to uninstall will appear on your screen, such as the one shown in the image below.

6. Please choose YES that you wish to uninstall the program.

revo-confirm.png

By default, Revo Uninstaller will be set to Moderate uninstall Mode.
Please change it to Advanced by clicking the radio button near Advanced as shown below and then click the NEXT button.

revo-advanced1.png

7. Next, you will see this screen where a system restore back up is made.

uninstall-1.png

The program's built in uninstaller will appear on screen, confirm removal and the uninstall procedure will begin.

confirm.png

The program you uninstalled will confirm it has been uninstalled and may ask for user feedback as shown below. It is really your choice if you wish to take the time to answer their survey, however it is not important if you do or not and you can skip it by clicking NO

uninstall-complete.png

If you are told to reboot to complete the uninstall, choose NO! We still have other things we need to remove from your computer using Revo Uninstaller's other features.

8. Once the program has been successfully uninstalled, click the NEXT button.

next-button.png

Revo Uninstaller will scan your computer for leftover information, files and registry entries.

leftover-info.png

If any registry entries are found, Revo Uninstaller will list those in BOLD text as shown below.

leftover-registry.png

It is safe to remove those entries as they are often only associated with the program you have just removed from your computer system.

9. Look for the Select All button and click it.
All the BOLD entries should now be checked off like shown in the image below.

select-all.png

Look for the DELETE button and click it.
When asked to confirm the deletion, click YES

confirm-delete-registry.png

When finished click the Next button.

Revo may confirm the uninstall is complete and offer a FINISH button. This means the program has been successfully uninstalled and no further action is needed.

If however, any leftover files and folders are found those will be presented. If you want to get rid of them click Select All then Delete.
This will remove those and send them to your RECYCLE BIN. The image below shows Revo Uninstaller asking for your confirmation, before sending them to the recycle bin, simply choose the Yes Button and away they go to the trash. You can then either retrieve them or clean your recycle bin permanently removing them from your computer system.

revo5.png

You can use Revo Uninstaller to remove other unwanted programs from your computer by performing the above procedures for each one.


>>>>

Important Note: Your version of Java is out of date. Older versions have vulnerabilities that malicious sites can use to exploit and infect your system.
- Kaspersky Lab report: Evaluating the threat level of software vulnerabilities
- Microsoft: Unprecedented Wave of Java Exploitation
- Ghosts of Java Haunt Users

Please follow these steps to remove older version Java components and update:
  • Download the latest version of Java Runtime Environment (JRE) Version 8 and save it to your desktop.
  • Under "Java Platform, Standard Edition"...click the "Download JRE" button to the right.
  • Read the License Agreement, and then check the box that says: "Accept License Agreement".
  • From the list, select (click on) the download link for your operating system (Windows x86 Offline: jre-8u201-windows-i586.exe or Windows x64: jre-8u201-windows-x64.exe) and save the file to your desktop.
  • Close any programs you may have running - especially your web browser.
  • Go to StartBtn.gif > Control Panel, double-click on Add/Remove Programs or Programs and Features in Vista/Windows 7/8 and remove all older versions of Java.
  • Check (highlight) any item with Java Runtime Environment (JRE or J2SE) in the name.
  • Click the Remove or Change/Remove button and follow the onscreen instructions for the Java uninstaller.
  • Repeat as many times as necessary to remove each Java version.
  • Reboot your computer once all Java components are removed.
  • Then from your desktop double-click on jre-8u201-windows-i586.exe (or jre-8u201-windows-x64.exe for 64-bit) to install the newest version.
  • If using Windows 7/8 or Vista and the installer refuses to launch due to insufficient user permissions, then Run As Administrator.
  • When the Java Setup - Welcome window opens, click the Install > button.
  • If offered any unwanted software or toolbars during installation, just uncheck the box before continuing unless you want it. The McAfee Security Scan Plus may be installed unless you uncheck the McAfee installation box when updating Java.
-- Java is updated frequently. If you want to be automatically notified of future updates, just turn on the Java Automatic Update feature and you will not have to remember to update when Java releases a new version.

Note: The Java Quick Starter (JQS.exe) adds a service to improve the initial startup time of Java applets and applications but it's not necessary. To disable the JQS service if you don't want to use it:
  • Go to Start > Control Panel > Java > Advanced > Miscellaneous and uncheck the box for Java Quick Starter.
  • Click Ok and reboot your computer.

Edited by boopme, 10 October 2014 - 06:38 PM.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#13 RushSonic

RushSonic
  • Topic Starter

  • Members
  • 67 posts
  • OFFLINE
  •  
  • Local time:03:33 AM

Posted 10 October 2014 - 08:56 PM

I ran ESET already and posted the log in this post.

 

I don't have any antivirus in mind. What's the best free antivirus available, preferably with no additional toolbars added to it and easy to maintain. My relative isn't very tech savy and I want a program that will keep him safe online.

 

Now I'm going to install and run Revo.



#14 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,114 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:03:33 AM

Posted 10 October 2014 - 09:35 PM

Ok..that post disappeared...


Remove Norton..


Note: This tool uninstalls all Norton 2003 and later products, including Norton 360, Norton SystemWorks, Norton Internet Security, and others. If you use ACT! or WinFAX, back up this data before you proceed. If you plan to reinstall your Norton products please be sure you have safely stored your product key.
  • Download the Norton Removal tool to your Desktop
  • Double click the Norton Removal Tool icon
  • Allow any security warnings and type your administrator password if required
  • Follow the instructions given
  • Restart your PC
Now install Avira Antivir .. I've used this for years.. Excellent,  lite on resources (unlike Norton).
Only con is the daily nag screen to buy it., but you just have to close that and it's gone.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#15 RushSonic

RushSonic
  • Topic Starter

  • Members
  • 67 posts
  • OFFLINE
  •  
  • Local time:03:33 AM

Posted 10 October 2014 - 10:11 PM

Check post #7. That is the ESET log. I forgot to put a label for it so the post under it shows what log it is.

 

Do you want me to run ESET again just to make sure everything is gone?






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users